diff --git a/.travis.yml b/.travis.yml index 56d41de17d..304377486e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,10 +16,10 @@ branches: notifications: email: recipients: - - bro-commits-internal@bro.org + - zeek-commits-internal@zeek.org -# Build Bro and run tests in the following Linux distros (specifying "travis" -# builds bro in Travis without using docker). +# Build Zeek and run tests in the following Linux distros (specifying "travis" +# builds Zeek in Travis without using docker). env: - distro: centos_7 - distro: debian_9 diff --git a/CHANGES b/CHANGES index 76f88d351d..c00ebabeaa 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,26 @@ +2.6-318 | 2019-05-21 09:17:53 -0700 + + * Remove state_dir and state_write_delay options (Jon Siwek, Corelight) + + * Remove a reference to &synchronized from docs (Jon Siwek, Corelight) + +2.6-316 | 2019-05-20 20:56:46 -0700 + + * Additional Bro to Zeek renaming (Daniel Thayer) + + * Added a new unit test for legacy Bro Plugins (Daniel Thayer) + + * Added a symlink bro-path-dev.in for use by legacy Bro packages (Daniel Thayer) + +2.6-314 | 2019-05-20 16:20:33 -0700 + + * Remove deprecated attributes. (Johanna Amann, Corelight) + To be more exact: &encrypt, &mergeable, &rotate_interval, &rotate_size + + Also removes no longer used redef-able constants: + log_rotate_interval, log_max_size, log_encryption_key + 2.6-311 | 2019-05-20 09:07:58 -0700 * Add missing &optional attr to KRB record fields; also add existence diff --git a/CMakeLists.txt b/CMakeLists.txt index 239004ee6c..fcbdea6629 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,4 +1,4 @@ -project(Bro C CXX) +project(Zeek C CXX) # When changing the minimum version here, also adapt # aux/zeek-aux/plugin-support/skeleton/CMakeLists.txt @@ -21,23 +21,23 @@ if ( ENABLE_CCACHE ) set(CMAKE_CXX_COMPILER_LAUNCHER ${CCACHE_PROGRAM}) endif () -set(BRO_ROOT_DIR ${CMAKE_INSTALL_PREFIX}) -if (NOT BRO_SCRIPT_INSTALL_PATH) +set(ZEEK_ROOT_DIR ${CMAKE_INSTALL_PREFIX}) +if (NOT ZEEK_SCRIPT_INSTALL_PATH) # set the default Zeek script installation path (user did not specify one) - set(BRO_SCRIPT_INSTALL_PATH ${BRO_ROOT_DIR}/share/bro) + set(ZEEK_SCRIPT_INSTALL_PATH ${ZEEK_ROOT_DIR}/share/bro) endif () -if (NOT BRO_MAN_INSTALL_PATH) +if (NOT ZEEK_MAN_INSTALL_PATH) # set the default Zeek man page installation path (user did not specify one) - set(BRO_MAN_INSTALL_PATH ${BRO_ROOT_DIR}/share/man) + set(ZEEK_MAN_INSTALL_PATH ${ZEEK_ROOT_DIR}/share/man) endif () # sanitize the Zeek script install directory into an absolute path # (CMake is confused by ~ as a representation of home directory) -get_filename_component(BRO_SCRIPT_INSTALL_PATH ${BRO_SCRIPT_INSTALL_PATH} +get_filename_component(ZEEK_SCRIPT_INSTALL_PATH ${ZEEK_SCRIPT_INSTALL_PATH} ABSOLUTE) -set(BRO_PLUGIN_INSTALL_PATH ${BRO_ROOT_DIR}/lib/bro/plugins CACHE STRING "Installation path for plugins" FORCE) +set(BRO_PLUGIN_INSTALL_PATH ${ZEEK_ROOT_DIR}/lib/bro/plugins CACHE STRING "Installation path for plugins" FORCE) configure_file(zeek-path-dev.in ${CMAKE_CURRENT_BINARY_DIR}/zeek-path-dev) @@ -211,7 +211,7 @@ if ( ${CMAKE_SYSTEM_NAME} MATCHES Linux AND EXISTS /etc/os-release ) endif () endif () -set(brodeps +set(zeekdeps ${BinPAC_LIBRARY} ${PCAP_LIBRARY} ${OPENSSL_LIBRARIES} @@ -241,16 +241,16 @@ include(GetArchitecture) include(RequireCXX11) if ( (OPENSSL_VERSION VERSION_EQUAL "1.1.0") OR (OPENSSL_VERSION VERSION_GREATER "1.1.0") ) - set(BRO_HAVE_OPENSSL_1_1 true CACHE INTERNAL "" FORCE) + set(ZEEK_HAVE_OPENSSL_1_1 true CACHE INTERNAL "" FORCE) endif() # Tell the plugin code that we're building as part of the main tree. -set(BRO_PLUGIN_INTERNAL_BUILD true CACHE INTERNAL "" FORCE) +set(ZEEK_PLUGIN_INTERNAL_BUILD true CACHE INTERNAL "" FORCE) -set(DEFAULT_BROPATH .:${BRO_SCRIPT_INSTALL_PATH}:${BRO_SCRIPT_INSTALL_PATH}/policy:${BRO_SCRIPT_INSTALL_PATH}/site) +set(DEFAULT_ZEEKPATH .:${ZEEK_SCRIPT_INSTALL_PATH}:${ZEEK_SCRIPT_INSTALL_PATH}/policy:${ZEEK_SCRIPT_INSTALL_PATH}/site) if ( NOT BINARY_PACKAGING_MODE ) - set(BRO_DIST ${CMAKE_SOURCE_DIR}) + set(ZEEK_DIST ${CMAKE_SOURCE_DIR}) endif () string(TOLOWER ${CMAKE_BUILD_TYPE} CMAKE_BUILD_TYPE_LOWER) @@ -262,19 +262,19 @@ install(FILES ${CMAKE_CURRENT_BINARY_DIR}/zeek-config.h DESTINATION include/bro) if ( CAF_ROOT_DIR ) set(ZEEK_CONFIG_CAF_ROOT_DIR ${CAF_ROOT_DIR}) else () - set(ZEEK_CONFIG_CAF_ROOT_DIR ${BRO_ROOT_DIR}) + set(ZEEK_CONFIG_CAF_ROOT_DIR ${ZEEK_ROOT_DIR}) endif () if ( BinPAC_ROOT_DIR ) set(ZEEK_CONFIG_BINPAC_ROOT_DIR ${BinPAC_ROOT_DIR}) else () - set(ZEEK_CONFIG_BINPAC_ROOT_DIR ${BRO_ROOT_DIR}) + set(ZEEK_CONFIG_BINPAC_ROOT_DIR ${ZEEK_ROOT_DIR}) endif () if ( BROKER_ROOT_DIR ) set(ZEEK_CONFIG_BROKER_ROOT_DIR ${BROKER_ROOT_DIR}) else () - set(ZEEK_CONFIG_BROKER_ROOT_DIR ${BRO_ROOT_DIR}) + set(ZEEK_CONFIG_BROKER_ROOT_DIR ${ZEEK_ROOT_DIR}) endif () configure_file(${CMAKE_CURRENT_SOURCE_DIR}/zeek-config.in @@ -298,7 +298,7 @@ if ( BROKER_ROOT_DIR ) find_package(Broker REQUIRED) find_package(CAF COMPONENTS core io openssl REQUIRED) - set(brodeps ${brodeps} ${BROKER_LIBRARY} ${CAF_LIBRARIES}) + set(zeekdeps ${zeekdeps} ${BROKER_LIBRARY} ${CAF_LIBRARIES}) include_directories(BEFORE ${BROKER_INCLUDE_DIR}) else () set(ENABLE_STATIC_ONLY_SAVED ${ENABLE_STATIC_ONLY}) @@ -311,9 +311,9 @@ else () set(ENABLE_STATIC_ONLY ${ENABLE_STATIC_ONLY_SAVED}) if ( BUILD_STATIC_BROKER ) - set(brodeps ${brodeps} broker_static) + set(zeekdeps ${zeekdeps} broker_static) else() - set(brodeps ${brodeps} broker) + set(zeekdeps ${zeekdeps} broker) endif() include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}/aux/broker ${CMAKE_CURRENT_BINARY_DIR}/aux/broker) @@ -363,7 +363,7 @@ message( "\nBuild type: ${CMAKE_BUILD_TYPE}" "\nBuild dir: ${CMAKE_BINARY_DIR}" "\nInstall prefix: ${CMAKE_INSTALL_PREFIX}" - "\nZeek Script Path: ${BRO_SCRIPT_INSTALL_PATH}" + "\nZeek Script Path: ${ZEEK_SCRIPT_INSTALL_PATH}" "\nDebug mode: ${ENABLE_DEBUG}" "\n" "\nCC: ${CMAKE_C_COMPILER}" diff --git a/NEWS b/NEWS index 242cdd4c17..e891996542 100644 --- a/NEWS +++ b/NEWS @@ -295,6 +295,11 @@ Removed Functionality - ``remote_trace_sync_interval`` - ``remote_trace_sync_peers`` - ``remote_check_sync_consistency`` + - ``log_rotate_interval`` + - ``log_max_size`` + - ``log_encryption_key`` + - ``state_dir`` + - ``state_write_delay`` - The following constants were used as part of deprecated functionality in version 2.6 or below and are removed from this release: @@ -311,9 +316,9 @@ Removed Functionality - Broccoli, which had been deprecated in version 2.6 and was no longer built by default was removed from the source tree. -- Support for the &persistent and the &synchronized attributes, which were deprecated - in Bro 2.6, was removed. The ``-g`` command-line option (dump-config) which relied on - this functionality was also removed. +- Support for the &persistent, &synchronized, &mergeable, &encrypt, &rotate_interval, + and &rotate_size attributes, which were deprecated in Bro 2.6, was removed. The ``-g`` + command-line option (dump-config) which relied on this functionality was also removed. - Removed the BroControl ``update`` command, which was deprecated in Bro 2.6. diff --git a/VERSION b/VERSION index 1b856a34fa..e59446bd05 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.6-311 +2.6-318 diff --git a/aux/bifcl b/aux/bifcl index 7a375f0749..bbf503e67c 160000 --- a/aux/bifcl +++ b/aux/bifcl @@ -1 +1 @@ -Subproject commit 7a375f0749f2bc28083863ff7ec44f3fba3510fa +Subproject commit bbf503e67cdcddbb13f8e067b0cbb2d874728c4f diff --git a/aux/binpac b/aux/binpac index 1446af96ea..6ed824a38e 160000 --- a/aux/binpac +++ b/aux/binpac @@ -1 +1 @@ -Subproject commit 1446af96ea4b76cc7a837e06b2da021754dde6e8 +Subproject commit 6ed824a38ea23dc10ec8bb21f813496719e9f76c diff --git a/aux/broker b/aux/broker index 53f7e0da11..0c7a8816fd 160000 --- a/aux/broker +++ b/aux/broker @@ -1 +1 @@ -Subproject commit 53f7e0da11c4d6ce014f27ae4dcf807a651fb634 +Subproject commit 0c7a8816fd385af4f633cb7239e3c63e6c88c27e diff --git a/aux/netcontrol-connectors b/aux/netcontrol-connectors index 6501fef1ff..e93235aa6e 160000 --- a/aux/netcontrol-connectors +++ b/aux/netcontrol-connectors @@ -1 +1 @@ -Subproject commit 6501fef1fffc0b49dda59b3716b03034edcfeee6 +Subproject commit e93235aa6e45820af7e23e97627845a7b2b3d919 diff --git a/aux/zeek-aux b/aux/zeek-aux index 117e8a550d..3ecc7b8c34 160000 --- a/aux/zeek-aux +++ b/aux/zeek-aux @@ -1 +1 @@ -Subproject commit 117e8a550de1266e2d50428344caf858aab0485b +Subproject commit 3ecc7b8c348a7b768092dad75e6cb54c6357b9d7 diff --git a/aux/zeekctl b/aux/zeekctl index bbfcb91b07..a955e66c8b 160000 --- a/aux/zeekctl +++ b/aux/zeekctl @@ -1 +1 @@ -Subproject commit bbfcb91b077a8bc145e39d7c941c50ba62826070 +Subproject commit a955e66c8b07fd6715c7ed379d0759acc592bb78 diff --git a/bro-path-dev.in b/bro-path-dev.in new file mode 120000 index 0000000000..854029fbb8 --- /dev/null +++ b/bro-path-dev.in @@ -0,0 +1 @@ +zeek-path-dev.in \ No newline at end of file diff --git a/cmake b/cmake index 5521da04df..8fb99b7aa9 160000 --- a/cmake +++ b/cmake @@ -1 +1 @@ -Subproject commit 5521da04df0190e3362e4c5164df5c2c8884dd2c +Subproject commit 8fb99b7aa9851caae2d938675324661571f8758e diff --git a/configure b/configure index 33de4694b9..b1ea7bdff5 100755 --- a/configure +++ b/configure @@ -130,10 +130,10 @@ builddir=build prefix=/usr/local/bro CMakeCacheEntries="" append_cache_entry CMAKE_INSTALL_PREFIX PATH $prefix -append_cache_entry BRO_ROOT_DIR PATH $prefix +append_cache_entry ZEEK_ROOT_DIR PATH $prefix append_cache_entry PY_MOD_INSTALL_DIR PATH $prefix/lib/zeekctl -append_cache_entry BRO_SCRIPT_INSTALL_PATH STRING $prefix/share/bro -append_cache_entry BRO_ETC_INSTALL_DIR PATH $prefix/etc +append_cache_entry ZEEK_SCRIPT_INSTALL_PATH STRING $prefix/share/bro +append_cache_entry ZEEK_ETC_INSTALL_DIR PATH $prefix/etc append_cache_entry ENABLE_DEBUG BOOL false append_cache_entry ENABLE_PERFTOOLS BOOL false append_cache_entry ENABLE_PERFTOOLS_DEBUG BOOL false @@ -179,25 +179,25 @@ while [ $# -ne 0 ]; do --prefix=*) prefix=$optarg append_cache_entry CMAKE_INSTALL_PREFIX PATH $optarg - append_cache_entry BRO_ROOT_DIR PATH $optarg + append_cache_entry ZEEK_ROOT_DIR PATH $optarg append_cache_entry PY_MOD_INSTALL_DIR PATH $optarg/lib/zeekctl ;; --scriptdir=*) - append_cache_entry BRO_SCRIPT_INSTALL_PATH STRING $optarg + append_cache_entry ZEEK_SCRIPT_INSTALL_PATH STRING $optarg user_set_scriptdir="true" ;; --conf-files-dir=*) - append_cache_entry BRO_ETC_INSTALL_DIR PATH $optarg + append_cache_entry ZEEK_ETC_INSTALL_DIR PATH $optarg user_set_conffilesdir="true" ;; --localstatedir=*) - append_cache_entry BRO_LOCAL_STATE_DIR PATH $optarg + append_cache_entry ZEEK_LOCAL_STATE_DIR PATH $optarg ;; --spooldir=*) - append_cache_entry BRO_SPOOL_DIR PATH $optarg + append_cache_entry ZEEK_SPOOL_DIR PATH $optarg ;; --logdir=*) - append_cache_entry BRO_LOG_DIR PATH $optarg + append_cache_entry ZEEK_LOG_DIR PATH $optarg ;; --enable-coverage) append_cache_entry ENABLE_COVERAGE BOOL true @@ -321,11 +321,11 @@ while [ $# -ne 0 ]; do done if [ "$user_set_scriptdir" != "true" ]; then - append_cache_entry BRO_SCRIPT_INSTALL_PATH STRING $prefix/share/bro + append_cache_entry ZEEK_SCRIPT_INSTALL_PATH STRING $prefix/share/bro fi if [ "$user_set_conffilesdir" != "true" ]; then - append_cache_entry BRO_ETC_INSTALL_DIR PATH $prefix/etc + append_cache_entry ZEEK_ETC_INSTALL_DIR PATH $prefix/etc fi if [ -d $builddir ]; then diff --git a/doc b/doc index b572056729..8c3395b7e3 160000 --- a/doc +++ b/doc @@ -1 +1 @@ -Subproject commit b5720567293c652233287a17cf781f6195073159 +Subproject commit 8c3395b7e3b1bdbe03bbdd3e290f98414a307651 diff --git a/man/CMakeLists.txt b/man/CMakeLists.txt index a369ee32b3..6a8a3d1bd9 100644 --- a/man/CMakeLists.txt +++ b/man/CMakeLists.txt @@ -1,5 +1,5 @@ -install(DIRECTORY . DESTINATION ${BRO_MAN_INSTALL_PATH}/man8 FILES_MATCHING +install(DIRECTORY . DESTINATION ${ZEEK_MAN_INSTALL_PATH}/man8 FILES_MATCHING PATTERN "*.8" ) diff --git a/man/zeek.8 b/man/zeek.8 index 0d851d0773..4142517667 100644 --- a/man/zeek.8 +++ b/man/zeek.8 @@ -1,8 +1,8 @@ -.TH BRO "8" "November 2014" "bro" "System Administration Utilities" +.TH ZEEK "8" "November 2014" "zeek" "System Administration Utilities" .SH NAME -bro \- passive network traffic analyzer +zeek \- passive network traffic analyzer .SH SYNOPSIS -.B bro +.B zeek \/\fP [\fIoptions\fR] [\fIfile\fR ...] .SH DESCRIPTION Zeek is primarily a security monitor that inspects all traffic on a link in @@ -30,7 +30,7 @@ don't load scripts from the base/ directory \fB\-d\fR,\ \-\-debug\-policy activate policy file debugging .TP -\fB\-e\fR,\ \-\-exec +\fB\-e\fR,\ \-\-exec augment loaded policies by given code .TP \fB\-f\fR,\ \-\-filter @@ -149,5 +149,5 @@ Output file for script execution statistics .B BRO_DISABLE_BROXYGEN Disable Zeekygen (Broxygen) documentation support .SH AUTHOR -.B bro +.B zeek was written by The Zeek Project . diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt index a79fb96bd4..266981dd9e 100644 --- a/scripts/CMakeLists.txt +++ b/scripts/CMakeLists.txt @@ -1,6 +1,6 @@ include(InstallPackageConfigFile) -install(DIRECTORY ./ DESTINATION ${BRO_SCRIPT_INSTALL_PATH} FILES_MATCHING +install(DIRECTORY ./ DESTINATION ${ZEEK_SCRIPT_INSTALL_PATH} FILES_MATCHING PATTERN "site/local*" EXCLUDE PATTERN "test-all-policy.zeek" EXCLUDE PATTERN "*.zeek" @@ -14,8 +14,8 @@ if ( NOT BINARY_PACKAGING_MODE ) # because ZeekControl will now prefer to load local.zeek rather than local.bro # and we're about to install a default version of local.zeek. - set(_local_bro_dst ${BRO_SCRIPT_INSTALL_PATH}/site/local.bro) - set(_local_zeek_dst ${BRO_SCRIPT_INSTALL_PATH}/site/local.zeek) + set(_local_bro_dst ${ZEEK_SCRIPT_INSTALL_PATH}/site/local.bro) + set(_local_zeek_dst ${ZEEK_SCRIPT_INSTALL_PATH}/site/local.zeek) install(CODE " if ( \"\$ENV{DESTDIR}\" STREQUAL \"\" ) @@ -31,5 +31,5 @@ endif () # Install local script as a config file since it's meant to be modified directly. InstallPackageConfigFile( ${CMAKE_CURRENT_SOURCE_DIR}/site/local.zeek - ${BRO_SCRIPT_INSTALL_PATH}/site + ${ZEEK_SCRIPT_INSTALL_PATH}/site local.zeek) diff --git a/scripts/base/init-bare.zeek b/scripts/base/init-bare.zeek index a4ac715d78..bd70a1aacb 100644 --- a/scripts/base/init-bare.zeek +++ b/scripts/base/init-bare.zeek @@ -1801,15 +1801,6 @@ global log_file_name: function(tag: string): string &redef; ## Deprecated. This is superseded by the new logging framework. global open_log_file: function(tag: string): file &redef; -## Specifies a directory for Zeek to store its persistent state. All globals can -## be declared persistent via the :zeek:attr:`&persistent` attribute. -const state_dir = ".state" &redef; - -## Length of the delays inserted when storing state incrementally. To avoid -## dropping packets when serializing larger volumes of persistent state to -## disk, Zeek interleaves the operation with continued packet processing. -const state_write_delay = 0.01 secs &redef; - global done_with_network = F; event net_done(t: time) { done_with_network = T; } @@ -4588,18 +4579,9 @@ const cmd_line_bpf_filter = "" &redef; ## the current/maximum limit on open files for the process. const max_files_in_cache = 0 &redef; -## Deprecated. -const log_rotate_interval = 0 sec &redef; - ## Deprecated. const log_rotate_base_time = "0:00" &redef; -## Deprecated. -const log_max_size = 0.0 &redef; - -## Deprecated. -const log_encryption_key = "" &redef; - ## Write profiling info into this file in regular intervals. The easiest way to ## activate profiling is loading :doc:`/scripts/policy/misc/profiling.zeek`. ## diff --git a/src/Attr.cc b/src/Attr.cc index 875f22e415..e7801c12c6 100644 --- a/src/Attr.cc +++ b/src/Attr.cc @@ -11,11 +11,9 @@ const char* attr_name(attr_tag t) { static const char* attr_names[int(NUM_ATTRS)] = { "&optional", "&default", "&redef", - "&rotate_interval", "&rotate_size", "&add_func", "&delete_func", "&expire_func", "&read_expire", "&write_expire", "&create_expire", - "&encrypt", - "&raw_output", "&mergeable", "&priority", + "&raw_output", "&priority", "&group", "&log", "&error_handler", "&type_column", "(&tracked)", "&deprecated", }; @@ -357,21 +355,6 @@ void Attributes::CheckAttr(Attr* a) } break; - case ATTR_ROTATE_INTERVAL: - if ( type->Tag() != TYPE_FILE ) - Error("&rotate_interval only applicable to files"); - break; - - case ATTR_ROTATE_SIZE: - if ( type->Tag() != TYPE_FILE ) - Error("&rotate_size only applicable to files"); - break; - - case ATTR_ENCRYPT: - if ( type->Tag() != TYPE_FILE ) - Error("&encrypt only applicable to files"); - break; - case ATTR_EXPIRE_READ: case ATTR_EXPIRE_WRITE: case ATTR_EXPIRE_CREATE: @@ -446,11 +429,6 @@ void Attributes::CheckAttr(Attr* a) Error("&raw_output only applicable to files"); break; - case ATTR_MERGEABLE: - if ( type->Tag() != TYPE_TABLE ) - Error("&mergeable only applicable to tables/sets"); - break; - case ATTR_PRIORITY: Error("&priority only applicable to event bodies"); break; diff --git a/src/Attr.h b/src/Attr.h index 4a1110bc04..de6b07abbe 100644 --- a/src/Attr.h +++ b/src/Attr.h @@ -15,17 +15,13 @@ typedef enum { ATTR_OPTIONAL, ATTR_DEFAULT, ATTR_REDEF, - ATTR_ROTATE_INTERVAL, - ATTR_ROTATE_SIZE, ATTR_ADD_FUNC, ATTR_DEL_FUNC, ATTR_EXPIRE_FUNC, ATTR_EXPIRE_READ, ATTR_EXPIRE_WRITE, ATTR_EXPIRE_CREATE, - ATTR_ENCRYPT, ATTR_RAW_OUTPUT, - ATTR_MERGEABLE, ATTR_PRIORITY, ATTR_GROUP, ATTR_LOG, diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 1d7bfddb73..19d3799719 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -352,10 +352,10 @@ collect_headers(bro_HEADERS ${bro_SRCS}) if ( bro_HAVE_OBJECT_LIBRARIES ) add_executable(zeek ${bro_SRCS} ${bro_HEADERS} ${bro_SUBDIRS}) - target_link_libraries(zeek ${brodeps} ${CMAKE_THREAD_LIBS_INIT} ${CMAKE_DL_LIBS}) + target_link_libraries(zeek ${zeekdeps} ${CMAKE_THREAD_LIBS_INIT} ${CMAKE_DL_LIBS}) else () add_executable(zeek ${bro_SRCS} ${bro_HEADERS}) - target_link_libraries(zeek ${bro_SUBDIRS} ${brodeps} ${CMAKE_THREAD_LIBS_INIT} ${CMAKE_DL_LIBS}) + target_link_libraries(zeek ${bro_SUBDIRS} ${zeekdeps} ${CMAKE_THREAD_LIBS_INIT} ${CMAKE_DL_LIBS}) endif () if ( NOT "${bro_LINKER_FLAGS}" STREQUAL "" ) @@ -399,7 +399,7 @@ add_dependencies(bif_loader_plugins ${bro_SUBDIRS}) add_dependencies(zeek bif_loader_plugins) # Install *.bif.zeek. -install(DIRECTORY ${CMAKE_BINARY_DIR}/scripts/base/bif DESTINATION ${BRO_SCRIPT_INSTALL_PATH}/base) +install(DIRECTORY ${CMAKE_BINARY_DIR}/scripts/base/bif DESTINATION ${ZEEK_SCRIPT_INSTALL_PATH}/base) # Create plugin directory at install time. install(DIRECTORY DESTINATION ${BRO_PLUGIN_INSTALL_PATH}) @@ -411,9 +411,9 @@ set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ${CMAKE_BINARY_D # place, yet make confuse us now. This makes upgrading easier. install(CODE " file(REMOVE_RECURSE - ${BRO_SCRIPT_INSTALL_PATH}/base/frameworks/logging/writers/dataseries.bro - ${BRO_SCRIPT_INSTALL_PATH}/base/frameworks/logging/writers/elasticsearch.bro - ${BRO_SCRIPT_INSTALL_PATH}/policy/tuning/logs-to-elasticsearch.bro + ${ZEEK_SCRIPT_INSTALL_PATH}/base/frameworks/logging/writers/dataseries.bro + ${ZEEK_SCRIPT_INSTALL_PATH}/base/frameworks/logging/writers/elasticsearch.bro + ${ZEEK_SCRIPT_INSTALL_PATH}/policy/tuning/logs-to-elasticsearch.bro ) ") diff --git a/src/File.cc b/src/File.cc index 57ec463337..861ae4dab0 100644 --- a/src/File.cc +++ b/src/File.cc @@ -18,15 +18,10 @@ #include #include -#include -#include -#include - #include #include "File.h" #include "Type.h" -#include "Timer.h" #include "Expr.h" #include "NetVar.h" #include "Net.h" @@ -34,46 +29,6 @@ #include "Event.h" #include "Reporter.h" -// Timer which on dispatching rotates the file. -class RotateTimer : public Timer { -public: - RotateTimer(double t, BroFile* f, bool arg_raise) : Timer(t, TIMER_ROTATE) - { file = f; raise = arg_raise; name = copy_string(f->Name()); } - ~RotateTimer(); - - void Dispatch(double t, int is_expire); - -protected: - BroFile* file; - bool raise; - const char* name; -}; - -RotateTimer::~RotateTimer() - { - if ( file->rotate_timer == this ) - file->rotate_timer = 0; - - delete [] name; - } - -void RotateTimer::Dispatch(double t, int is_expire) - { - file->rotate_timer = 0; - - if ( ! is_expire ) - { - if ( raise ) - { - Ref(file); - mgr.QueueEvent(rotate_interval, {new Val(file)}); - } - - file->InstallRotateTimer(); - } - } - - // The following could in principle be part of a "file manager" object. #define MAX_FILE_CACHE_SIZE 512 @@ -81,9 +36,6 @@ static int num_files_in_cache = 0; static BroFile* head = 0; static BroFile* tail = 0; -double BroFile::default_rotation_interval = 0; -double BroFile::default_rotation_size = 0; - // Maximizes the number of open file descriptors and returns the number // that we should use for the cache. static int maximize_num_fds() @@ -119,9 +71,6 @@ BroFile::BroFile(FILE* arg_f) name = access = 0; t = base_type(TYPE_STRING); is_open = (f != 0); - - if ( f ) - UpdateFileSize(); } BroFile::BroFile(FILE* arg_f, const char* arg_name, const char* arg_access) @@ -132,9 +81,6 @@ BroFile::BroFile(FILE* arg_f, const char* arg_name, const char* arg_access) access = copy_string(arg_access); t = base_type(TYPE_STRING); is_open = (f != 0); - - if ( f ) - UpdateFileSize(); } BroFile::BroFile(const char* arg_name, const char* arg_access, BroType* arg_t) @@ -193,16 +139,6 @@ bool BroFile::Open(FILE* file, const char* mode) f = file; - if ( default_rotation_interval && - (! attrs || ! attrs->FindAttr(ATTR_ROTATE_INTERVAL)) ) - rotate_interval = default_rotation_interval; - - if ( default_rotation_size && - (! attrs || ! attrs->FindAttr(ATTR_ROTATE_SIZE)) ) - rotate_size = default_rotation_size; - - InstallRotateTimer(); - if ( ! f ) { if ( ! mode ) @@ -221,7 +157,6 @@ bool BroFile::Open(FILE* file, const char* mode) is_open = okay_to_manage = 1; InsertAtBeginning(); - UpdateFileSize(); } else { @@ -243,7 +178,6 @@ BroFile::~BroFile() delete [] name; delete [] access; - delete [] cipher_buffer; #ifdef USE_PERFTOOLS_DEBUG heap_checker->UnIgnoreObject(this); @@ -255,18 +189,11 @@ void BroFile::Init() is_open = okay_to_manage = is_in_cache = 0; position = 0; next = prev = 0; - rotate_timer = 0; - rotate_interval = 0.0; - rotate_size = current_size = 0.0; - open_time = 0; attrs = 0; buffered = true; print_hook = true; raw_output = false; t = 0; - pub_key = 0; - cipher_ctx = 0; - cipher_buffer = 0; #ifdef USE_PERFTOOLS_DEBUG heap_checker->IgnoreObject(this); @@ -316,8 +243,6 @@ FILE* BroFile::BringIntoCache() return 0; } - UpdateFileSize(); - if ( fseek(f, position, SEEK_SET) < 0 ) { bro_strerror_r(errno, buf, sizeof(buf)); @@ -325,7 +250,6 @@ FILE* BroFile::BringIntoCache() } InsertAtBeginning(); - RaiseOpenEvent(); return f; @@ -355,17 +279,9 @@ void BroFile::SetBuf(bool arg_buffered) int BroFile::Close() { - if ( rotate_timer ) - { - timer_mgr->Cancel(rotate_timer); - rotate_timer = 0; - } - if ( ! is_open ) return 1; - FinishEncrypt(); - // Do not close stdin/stdout/stderr. if ( f == stdin || f == stdout || f == stderr ) return 0; @@ -516,33 +432,8 @@ void BroFile::SetAttrs(Attributes* arg_attrs) attrs = arg_attrs; Ref(attrs); - Attr* ef = attrs->FindAttr(ATTR_ROTATE_INTERVAL); - if ( ef ) - rotate_interval = ef->AttrExpr()->ExprVal()->AsInterval(); - - ef = attrs->FindAttr(ATTR_ROTATE_SIZE); - if ( ef ) - rotate_size = ef->AttrExpr()->ExprVal()->AsDouble(); - - ef = attrs->FindAttr(ATTR_ENCRYPT); - if ( ef ) - { - if ( ef->AttrExpr() ) - InitEncrypt(ef->AttrExpr()->ExprVal()->AsString()->CheckString()); - else - InitEncrypt(opt_internal_string("log_encryption_key")->CheckString()); - } - if ( attrs->FindAttr(ATTR_RAW_OUTPUT) ) EnableRawOutput(); - - InstallRotateTimer(); - } - -void BroFile::SetRotateInterval(double secs) - { - rotate_interval = secs; - InstallRotateTimer(); } RecordVal* BroFile::Rotate() @@ -576,178 +467,17 @@ RecordVal* BroFile::Rotate() return info; } -void BroFile::InstallRotateTimer() - { - if ( terminating ) - return; - - if ( rotate_timer ) - { - timer_mgr->Cancel(rotate_timer); - rotate_timer = 0; - } - - if ( rotate_interval ) - { - // When this is called for the first time, network_time can - // still be zero. If so, we set a timer which fires - // immediately but doesn't rotate when it expires. - - if ( ! network_time ) - rotate_timer = new RotateTimer(1, this, false); - else - { - if ( ! open_time ) - open_time = network_time; - - const char* base_time = log_rotate_base_time ? - log_rotate_base_time->AsString()->CheckString() : 0; - - double base = parse_rotate_base_time(base_time); - double delta_t = - calc_next_rotate(network_time, rotate_interval, base); - rotate_timer = new RotateTimer(network_time + delta_t, - this, true); - } - - timer_mgr->Add(rotate_timer); - } - } - -void BroFile::SetDefaultRotation(double interval, double max_size) - { - for ( BroFile* f = head; f; f = f->next ) - { - if ( ! (f->attrs && f->attrs->FindAttr(ATTR_ROTATE_INTERVAL)) ) - { - f->rotate_interval = interval; - f->InstallRotateTimer(); - } - - if ( ! (f->attrs && f->attrs->FindAttr(ATTR_ROTATE_SIZE)) ) - f->rotate_size = max_size; - } - - default_rotation_interval = interval; - default_rotation_size = max_size; - } - void BroFile::CloseCachedFiles() { BroFile* next; for ( BroFile* f = head; f; f = next ) { - // Send final rotate events (immediately). - if ( f->rotate_interval ) - { - Ref(f); - Event* event = new Event(::rotate_interval, {new Val(f)}); - mgr.Dispatch(event, true); - } - - if ( f->rotate_size ) - { - Ref(f); - Event* event = new ::Event(::rotate_size, {new Val(f)}); - mgr.Dispatch(event, true); - } - next = f->next; if ( f->is_in_cache ) f->Close(); } } -void BroFile::InitEncrypt(const char* keyfile) - { - if ( ! (pub_key || keyfile) ) - return; - - if ( ! pub_key ) - { - FILE* key = fopen(keyfile, "r"); - - if ( ! key ) - { - reporter->Error("can't open key file %s: %s", keyfile, strerror(errno)); - Close(); - return; - } - - pub_key = PEM_read_PUBKEY(key, 0, 0, 0); - if ( ! pub_key ) - { - reporter->Error("can't read key from %s: %s", keyfile, - ERR_error_string(ERR_get_error(), 0)); - Close(); - return; - } - } - - // Depending on the OpenSSL version, EVP_*_cbc() - // returns a const or a non-const. - EVP_CIPHER* cipher_type = (EVP_CIPHER*) EVP_bf_cbc(); - cipher_ctx = EVP_CIPHER_CTX_new(); - - unsigned char secret[EVP_PKEY_size(pub_key)]; - unsigned char* psecret = secret; - unsigned int secret_len; - - int iv_len = EVP_CIPHER_iv_length(cipher_type); - unsigned char iv[iv_len]; - - if ( ! EVP_SealInit(cipher_ctx, cipher_type, &psecret, - (int*) &secret_len, iv, &pub_key, 1) ) - { - reporter->Error("can't init cipher context for %s: %s", keyfile, - ERR_error_string(ERR_get_error(), 0)); - Close(); - return; - } - - secret_len = htonl(secret_len); - - if ( fwrite("BROENC1", 7, 1, f) < 1 || - fwrite(&secret_len, sizeof(secret_len), 1, f) < 1 || - fwrite(secret, ntohl(secret_len), 1, f) < 1 || - fwrite(iv, iv_len, 1, f) < 1 ) - { - reporter->Error("can't write header to log file %s: %s", - name, strerror(errno)); - Close(); - return; - } - - int buf_size = MIN_BUFFER_SIZE + EVP_CIPHER_block_size(cipher_type); - cipher_buffer = new unsigned char[buf_size]; - } - -void BroFile::FinishEncrypt() - { - if ( ! is_open ) - return; - - if ( ! pub_key ) - return; - - if ( cipher_ctx ) - { - int outl; - EVP_SealFinal(cipher_ctx, cipher_buffer, &outl); - - if ( outl && fwrite(cipher_buffer, outl, 1, f) < 1 ) - { - reporter->Error("write error for %s: %s", - name, strerror(errno)); - return; - } - - EVP_CIPHER_CTX_free(cipher_ctx); - cipher_ctx = 0; - } - } - - int BroFile::Write(const char* data, int len) { if ( ! is_open ) @@ -759,50 +489,9 @@ int BroFile::Write(const char* data, int len) if ( ! len ) len = strlen(data); - if ( cipher_ctx ) - { - while ( len ) - { - int outl; - int inl = min(+MIN_BUFFER_SIZE, len); - - if ( ! EVP_SealUpdate(cipher_ctx, cipher_buffer, &outl, - (unsigned char*)data, inl) ) - { - reporter->Error("encryption error for %s: %s", - name, - ERR_error_string(ERR_get_error(), 0)); - Close(); - return 0; - } - - if ( outl && fwrite(cipher_buffer, outl, 1, f) < 1 ) - { - reporter->Error("write error for %s: %s", - name, strerror(errno)); - Close(); - return 0; - } - - data += inl; - len -= inl; - } - - return 1; - } - if ( fwrite(data, len, 1, f) < 1 ) return false; - if ( rotate_size && current_size < rotate_size && current_size + len >= rotate_size ) - { - mgr.QueueEvent(::rotate_size, {new Val(this)}); - } - - // This does not work if we seek around. But none of the logs does that - // and we avoid stat()'ing the file all the time. - current_size += len; - return true; } @@ -816,17 +505,17 @@ void BroFile::RaiseOpenEvent() mgr.Dispatch(event, true); } -void BroFile::UpdateFileSize() +double BroFile::Size() { + fflush(f); struct stat s; if ( fstat(fileno(f), &s) < 0 ) { reporter->Error("can't stat fd for %s: %s", name, strerror(errno)); - current_size = 0; - return; + return 0; } - current_size = double(s.st_size); + return s.st_size; } bool BroFile::Serialize(SerialInfo* info) const @@ -887,10 +576,6 @@ BroFile* BroFile::Unserialize(UnserialInfo* info) // *never* be closed anymore (as long the file cache does not overflow). Ref(file); - // We deliberately override log rotation attributes with our defaults. - file->rotate_interval = log_rotate_interval; - file->rotate_size = log_max_size; - file->InstallRotateTimer(); file->SetBuf(file->buffered); return file; diff --git a/src/File.h b/src/File.h index 3660d3caa4..b0ad571435 100644 --- a/src/File.h +++ b/src/File.h @@ -12,13 +12,7 @@ # include # endif // NEED_KRB5_H -// From OpenSSL. We forward-declare these here to avoid introducing a -// dependency on OpenSSL headers just for this header file. -typedef struct evp_pkey_st EVP_PKEY; -typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX; - class BroType; -class RotateTimer; class BroFile : public BroObj { public: @@ -51,21 +45,14 @@ public: void Describe(ODesc* d) const override; - void SetRotateInterval(double secs); - // Rotates the logfile. Returns rotate_info. RecordVal* Rotate(); - // Set &rotate_interval, &rotate_size, - // and &raw_output attributes. + // Set &raw_output attribute. void SetAttrs(Attributes* attrs); // Returns the current size of the file, after fresh stat'ing. - double Size() { fflush(f); UpdateFileSize(); return current_size; } - - // Set rotate/postprocessor for all files that don't define them - // by their own. (interval/max_size=0 for no rotation; size in bytes). - static void SetDefaultRotation(double interval, double max_size); + double Size(); // Close all files which are managed by us. static void CloseCachedFiles(); @@ -83,8 +70,6 @@ public: static BroFile* Unserialize(UnserialInfo* info); protected: - friend class RotateTimer; - BroFile() { Init(); } void Init(); @@ -105,7 +90,6 @@ protected: void Unlink(); void InsertAtBeginning(); void MoveToBeginning(); - void InstallRotateTimer(); // Returns nil if the file is not active, was in error, etc. // (Protected because we do not want anyone to write directly @@ -113,17 +97,9 @@ protected: FILE* File(); FILE* BringIntoCache(); - // Stats the file to get its current size. - void UpdateFileSize(); - // Raises a file_opened event. void RaiseOpenEvent(); - // Initialize encryption with the given public key. - void InitEncrypt(const char* keyfile); - // Finalize encryption. - void FinishEncrypt(); - DECLARE_SERIAL(BroFile); FILE* f; @@ -137,28 +113,12 @@ protected: BroFile* next; // doubly-linked list of cached files BroFile* prev; Attributes* attrs; - double rotate_interval; bool buffered; - - // Sizes are double's so that it's easy to specify large - // ones with scientific notation, and so they can exceed 4GB. - double rotate_size; - double current_size; - - Timer* rotate_timer; double open_time; bool print_hook; bool raw_output; - static double default_rotation_interval; - static double default_rotation_size; - - EVP_PKEY* pub_key; - EVP_CIPHER_CTX* cipher_ctx; - static const int MIN_BUFFER_SIZE = 1024; - unsigned char* cipher_buffer; - }; #endif diff --git a/src/ID.cc b/src/ID.cc index 48b8aee6b9..89a320a5e0 100644 --- a/src/ID.cc +++ b/src/ID.cc @@ -64,16 +64,6 @@ void ID::SetVal(Val* v, Opcode op, bool arg_weak_ref) { if ( op != OP_NONE ) { - if ( type && val && type->Tag() == TYPE_TABLE && - val->AsTableVal()->FindAttr(ATTR_MERGEABLE) && - v->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - { - StateAccess::Log(new StateAccess(OP_ASSIGN, this, - v, val)); - v->AsTableVal()->AddTo(val->AsTableVal(), 0, false); - return; - } - MutableVal::Properties props = 0; if ( attrs && attrs->FindAttr(ATTR_TRACKED) ) diff --git a/src/NetVar.cc b/src/NetVar.cc index d45ecd2693..3717f0c90f 100644 --- a/src/NetVar.cc +++ b/src/NetVar.cc @@ -155,9 +155,6 @@ RecordType* packet_type; double connection_status_update_interval; -StringVal* state_dir; -double state_write_delay; - int orig_addr_anonymization, resp_addr_anonymization; int other_addr_anonymization; TableVal* preserve_orig_addr; @@ -165,10 +162,7 @@ TableVal* preserve_resp_addr; TableVal* preserve_other_addr; int max_files_in_cache; -double log_rotate_interval; -double log_max_size; RecordType* rotate_info; -StringVal* log_encryption_key; StringVal* log_rotate_base_time; StringVal* peer_description; @@ -245,14 +239,8 @@ void init_general_global_var() table_expire_delay = opt_internal_double("table_expire_delay"); table_incremental_step = opt_internal_int("table_incremental_step"); - state_dir = internal_val("state_dir")->AsStringVal(); - state_write_delay = opt_internal_double("state_write_delay"); - max_files_in_cache = opt_internal_int("max_files_in_cache"); - log_rotate_interval = opt_internal_double("log_rotate_interval"); - log_max_size = opt_internal_double("log_max_size"); rotate_info = internal_type("rotate_info")->AsRecordType(); - log_encryption_key = opt_internal_string("log_encryption_key"); log_rotate_base_time = opt_internal_string("log_rotate_base_time"); peer_description = diff --git a/src/NetVar.h b/src/NetVar.h index 92d717f50a..30c9003dc4 100644 --- a/src/NetVar.h +++ b/src/NetVar.h @@ -164,14 +164,8 @@ extern TableVal* preserve_other_addr; extern double connection_status_update_interval; -extern StringVal* state_dir; -extern double state_write_delay; - extern int max_files_in_cache; -extern double log_rotate_interval; -extern double log_max_size; extern RecordType* rotate_info; -extern StringVal* log_encryption_key; extern StringVal* log_rotate_base_time; extern StringVal* peer_description; diff --git a/src/StateAccess.cc b/src/StateAccess.cc index 134cca5db5..abcd7aad66 100644 --- a/src/StateAccess.cc +++ b/src/StateAccess.cc @@ -133,29 +133,6 @@ void StateAccess::RefThem() Ref(op3); } -bool StateAccess::MergeTables(TableVal* dst, Val* src) - { - if ( src->Type()->Tag() != TYPE_TABLE ) - { - reporter->Error("type mismatch while merging tables"); - return false; - } - - if ( ! src->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - return false; - - DBG_LOG(DBG_STATE, "merging tables %s += %s", dst->UniqueID()->Name(), - src->AsTableVal()->UniqueID()->Name()); - - src->AsTableVal()->AddTo(dst, 0); - - // We need to make sure that the resulting table is accessible by - // the new name (while keeping the old as an alias). - dst->TransferUniqueID(src->AsMutableVal()); - - return true; - } - static Val* GetInteger(bro_int_t n, TypeTag t) { if ( t == TYPE_INT ) @@ -192,11 +169,6 @@ void StateAccess::Replay() // There mustn't be a direct assignment to a unique ID. assert(target.id->Name()[0] != '#'); - if ( t == TYPE_TABLE && v && - v->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - if ( MergeTables(v->AsTableVal(), op1.val) ) - break; - target.id->SetVal(op1.val->Ref()); break; @@ -220,18 +192,6 @@ void StateAccess::Replay() if ( t == TYPE_TABLE ) { assert(op2); - - BroType* yt = v->Type()->AsTableType()->YieldType(); - - if ( yt && yt->Tag() == TYPE_TABLE ) - { - TableVal* tv = v->AsTableVal(); - Val* w = tv->Lookup(op1.val); - if ( w && w->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - if ( MergeTables(w->AsTableVal(), op2) ) - break; - } - v->AsTableVal()->Assign(op1.val, op2 ? op2->Ref() : 0); } @@ -241,20 +201,7 @@ void StateAccess::Replay() int idx = v->Type()->AsRecordType()->FieldOffset(field); if ( idx >= 0 ) - { - BroType* ft = v->Type()->AsRecordType()->FieldType(field); - - if ( ft && ft->Tag() == TYPE_TABLE ) - { - RecordVal* rv = v->AsRecordVal(); - Val* w = rv->Lookup(idx); - if ( w && w->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - if ( MergeTables(w->AsTableVal(), op2) ) - break; - } - v->AsRecordVal()->Assign(idx, op2 ? op2->Ref() : 0); - } else reporter->Error("access replay: unknown record field %s for assign", field); } @@ -263,18 +210,6 @@ void StateAccess::Replay() { assert(op2); bro_uint_t index = op1.val->AsCount(); - - BroType* yt = v->Type()->AsVectorType()->YieldType(); - - if ( yt && yt->Tag() == TYPE_TABLE ) - { - VectorVal* vv = v->AsVectorVal(); - Val* w = vv->Lookup(index); - if ( w && w->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - if ( MergeTables(w->AsTableVal(), op2) ) - break; - } - v->AsVectorVal()->Assign(index, op2 ? op2->Ref() : 0); } diff --git a/src/StateAccess.h b/src/StateAccess.h index 8530ec1d91..1ef1e2b8da 100644 --- a/src/StateAccess.h +++ b/src/StateAccess.h @@ -74,8 +74,6 @@ private: StateAccess() { target.id = 0; op1.val = op2 = op3 = 0; } void RefThem(); - bool MergeTables(TableVal* dst, Val* src); - DECLARE_SERIAL(StateAccess); Opcode opcode; diff --git a/src/Val.cc b/src/Val.cc index ce8e135aec..3c6c312d43 100644 --- a/src/Val.cc +++ b/src/Val.cc @@ -1555,24 +1555,6 @@ int TableVal::Assign(Val* index, HashKey* k, Val* new_val, Opcode op) if ( (is_set && new_val) || (! is_set && ! new_val) ) InternalWarning("bad set/table in TableVal::Assign"); - BroType* yt = Type()->AsTableType()->YieldType(); - - if ( yt && yt->Tag() == TYPE_TABLE && - new_val->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - { - // Join two mergeable sets. - Val* old = Lookup(index, false); - if ( old && old->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - { - if ( LoggingAccess() && op != OP_NONE ) - StateAccess::Log(new StateAccess(OP_ASSIGN_IDX, - this, index, new_val, old)); - new_val->AsTableVal()->AddTo(old->AsTableVal(), 0, false); - Unref(new_val); - return 1; - } - } - TableEntryVal* new_entry_val = new TableEntryVal(new_val); HashKey k_copy(k->Key(), k->Size(), k->Hash()); TableEntryVal* old_entry_val = AsNonConstTable()->Insert(k, new_entry_val); @@ -2961,27 +2943,6 @@ RecordVal::~RecordVal() void RecordVal::Assign(int field, Val* new_val, Opcode op) { - if ( new_val && Lookup(field) && - record_type->FieldType(field)->Tag() == TYPE_TABLE && - new_val->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - { - // Join two mergeable sets. - Val* old = Lookup(field); - if ( old->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - { - if ( LoggingAccess() && op != OP_NONE ) - { - StringVal* index = new StringVal(Type()->AsRecordType()->FieldName(field)); - StateAccess::Log(new StateAccess(OP_ASSIGN_IDX, this, index, new_val, old)); - Unref(index); - } - - new_val->AsTableVal()->AddTo(old->AsTableVal(), 0, false); - Unref(new_val); - return; - } - } - Val* old_val = AsNonConstRecord()->replace(field, new_val); if ( LoggingAccess() && op != OP_NONE ) @@ -3367,30 +3328,6 @@ bool VectorVal::Assign(unsigned int index, Val* element, Opcode op) return false; } - BroType* yt = Type()->AsVectorType()->YieldType(); - - if ( yt && yt->Tag() == TYPE_TABLE && - element->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - { - // Join two mergeable sets. - Val* old = Lookup(index); - if ( old && old->AsTableVal()->FindAttr(ATTR_MERGEABLE) ) - { - if ( LoggingAccess() && op != OP_NONE ) - { - Val* ival = val_mgr->GetCount(index); - StateAccess::Log(new StateAccess(OP_ASSIGN_IDX, - this, ival, element, - (*val.vector_val)[index])); - Unref(ival); - } - - element->AsTableVal()->AddTo(old->AsTableVal(), 0, false); - Unref(element); - return true; - } - } - Val* val_at_index = 0; if ( index < val.vector_val->size() ) diff --git a/src/analyzer/CMakeLists.txt b/src/analyzer/CMakeLists.txt index 20b53d7ca8..4dc2830737 100644 --- a/src/analyzer/CMakeLists.txt +++ b/src/analyzer/CMakeLists.txt @@ -1,5 +1,5 @@ -include(BroSubdir) +include(ZeekSubdir) include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} diff --git a/src/analyzer/protocol/tcp/TCP_Reassembler.cc b/src/analyzer/protocol/tcp/TCP_Reassembler.cc index fcd8237c55..bfcb2c9c5f 100644 --- a/src/analyzer/protocol/tcp/TCP_Reassembler.cc +++ b/src/analyzer/protocol/tcp/TCP_Reassembler.cc @@ -106,9 +106,6 @@ void TCP_Reassembler::SetContentsFile(BroFile* f) RecordToSeq(blocks->seq, last_reassem_seq, f); } - // Don't want rotation on these files. - f->SetRotateInterval(0); - Ref(f); record_contents_file = f; } diff --git a/src/bro.bif b/src/bro.bif index b356c91fe8..02d39904a5 100644 --- a/src/bro.bif +++ b/src/bro.bif @@ -3523,7 +3523,7 @@ function lookup_addr%(host: addr%) : string ## Issues an asynchronous TEXT DNS lookup and delays the function result. ## This function can therefore only be called inside a ``when`` condition, -## e.g., ``when ( local h = lookup_hostname_txt("www.bro.org") ) { f(h); }``. +## e.g., ``when ( local h = lookup_hostname_txt("www.zeek.org") ) { f(h); }``. ## ## host: The hostname to lookup. ## @@ -3552,7 +3552,7 @@ function lookup_hostname_txt%(host: string%) : string ## Issues an asynchronous DNS lookup and delays the function result. ## This function can therefore only be called inside a ``when`` condition, -## e.g., ``when ( local h = lookup_hostname("www.bro.org") ) { f(h); }``. +## e.g., ``when ( local h = lookup_hostname("www.zeek.org") ) { f(h); }``. ## ## host: The hostname to lookup. ## @@ -4904,7 +4904,7 @@ function capture_events%(filename: string%) : bool (const char*) filename->CheckString())); %} -## Writes state updates generated by :zeek:attr:`&synchronized` variables to a +## Writes state updates generated by synchronized variables to a ## file. ## ## filename: The name of the file which stores the state updates. diff --git a/src/broker/CMakeLists.txt b/src/broker/CMakeLists.txt index e3a3a73661..08e02597e7 100644 --- a/src/broker/CMakeLists.txt +++ b/src/broker/CMakeLists.txt @@ -1,4 +1,4 @@ -include(BroSubdir) +include(ZeekSubdir) include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} diff --git a/src/event.bif b/src/event.bif index fd432feb84..549f1b35fc 100644 --- a/src/event.bif +++ b/src/event.bif @@ -884,11 +884,5 @@ event gaobot_signature_found%(c: connection%); ## Deprecated. Will be removed. event anonymization_mapping%(orig: addr, mapped: addr%); -## Deprecated. Will be removed. -event rotate_interval%(f: file%); - -## Deprecated. Will be removed. -event rotate_size%(f: file%); - ## Deprecated. Will be removed. event print_hook%(f:file, s: string%); diff --git a/src/file_analysis/CMakeLists.txt b/src/file_analysis/CMakeLists.txt index 34dc8d5387..f9a2758920 100644 --- a/src/file_analysis/CMakeLists.txt +++ b/src/file_analysis/CMakeLists.txt @@ -1,4 +1,4 @@ -include(BroSubdir) +include(ZeekSubdir) include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} diff --git a/src/input/CMakeLists.txt b/src/input/CMakeLists.txt index b1c79d2bd0..c928451cb3 100644 --- a/src/input/CMakeLists.txt +++ b/src/input/CMakeLists.txt @@ -1,5 +1,5 @@ -include(BroSubdir) +include(ZeekSubdir) include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} diff --git a/src/iosource/CMakeLists.txt b/src/iosource/CMakeLists.txt index 27c42e9a40..f7497c7fe6 100644 --- a/src/iosource/CMakeLists.txt +++ b/src/iosource/CMakeLists.txt @@ -1,5 +1,5 @@ -include(BroSubdir) +include(ZeekSubdir) include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} diff --git a/src/logging/CMakeLists.txt b/src/logging/CMakeLists.txt index 6553e2170f..05478f240b 100644 --- a/src/logging/CMakeLists.txt +++ b/src/logging/CMakeLists.txt @@ -1,5 +1,5 @@ -include(BroSubdir) +include(ZeekSubdir) include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} diff --git a/src/main.cc b/src/main.cc index 414de5c7e4..2e2ecf76b7 100644 --- a/src/main.cc +++ b/src/main.cc @@ -161,7 +161,7 @@ void usage(int code = 1) fprintf(stderr, " -a|--parse-only | exit immediately after parsing scripts\n"); fprintf(stderr, " -b|--bare-mode | don't load scripts from the base/ directory\n"); fprintf(stderr, " -d|--debug-policy | activate policy file debugging\n"); - fprintf(stderr, " -e|--exec | augment loaded policies by given code\n"); + fprintf(stderr, " -e|--exec | augment loaded policies by given code\n"); fprintf(stderr, " -f|--filter | tcpdump filter\n"); fprintf(stderr, " -h|--help | command line help\n"); fprintf(stderr, " -i|--iface | read from given interface\n"); @@ -944,8 +944,6 @@ int main(int argc, char** argv) if ( dns_type != DNS_PRIME ) net_init(interfaces, read_files, writefile, do_watchdog); - BroFile::SetDefaultRotation(log_rotate_interval, log_max_size); - net_done = internal_handler("net_done"); if ( ! g_policy_debug ) diff --git a/src/parse.y b/src/parse.y index 13c15cad8f..2861b95dc8 100644 --- a/src/parse.y +++ b/src/parse.y @@ -5,7 +5,7 @@ // Switching parser table type fixes ambiguity problems. %define lr.type ielr -%expect 129 +%expect 103 %token TOK_ADD TOK_ADD_TO TOK_ADDR TOK_ANY %token TOK_ATENDIF TOK_ATELSE TOK_ATIF TOK_ATIFDEF TOK_ATIFNDEF @@ -21,11 +21,10 @@ %token TOK_TIME TOK_TIMEOUT TOK_TIMER TOK_TYPE TOK_UNION TOK_VECTOR TOK_WHEN %token TOK_WHILE TOK_AS TOK_IS -%token TOK_ATTR_ADD_FUNC TOK_ATTR_ENCRYPT TOK_ATTR_DEFAULT -%token TOK_ATTR_OPTIONAL TOK_ATTR_REDEF TOK_ATTR_ROTATE_INTERVAL -%token TOK_ATTR_ROTATE_SIZE TOK_ATTR_DEL_FUNC TOK_ATTR_EXPIRE_FUNC +%token TOK_ATTR_ADD_FUNC TOK_ATTR_DEFAULT TOK_ATTR_OPTIONAL TOK_ATTR_REDEF +%token TOK_ATTR_DEL_FUNC TOK_ATTR_EXPIRE_FUNC %token TOK_ATTR_EXPIRE_CREATE TOK_ATTR_EXPIRE_READ TOK_ATTR_EXPIRE_WRITE -%token TOK_ATTR_RAW_OUTPUT TOK_ATTR_MERGEABLE +%token TOK_ATTR_RAW_OUTPUT %token TOK_ATTR_PRIORITY TOK_ATTR_LOG TOK_ATTR_ERROR_HANDLER %token TOK_ATTR_TYPE_COLUMN TOK_ATTR_DEPRECATED @@ -1291,10 +1290,6 @@ attr: { $$ = new Attr(ATTR_OPTIONAL); } | TOK_ATTR_REDEF { $$ = new Attr(ATTR_REDEF); } - | TOK_ATTR_ROTATE_INTERVAL '=' expr - { $$ = new Attr(ATTR_ROTATE_INTERVAL, $3); } - | TOK_ATTR_ROTATE_SIZE '=' expr - { $$ = new Attr(ATTR_ROTATE_SIZE, $3); } | TOK_ATTR_ADD_FUNC '=' expr { $$ = new Attr(ATTR_ADD_FUNC, $3); } | TOK_ATTR_DEL_FUNC '=' expr @@ -1307,14 +1302,8 @@ attr: { $$ = new Attr(ATTR_EXPIRE_READ, $3); } | TOK_ATTR_EXPIRE_WRITE '=' expr { $$ = new Attr(ATTR_EXPIRE_WRITE, $3); } - | TOK_ATTR_ENCRYPT - { $$ = new Attr(ATTR_ENCRYPT); } - | TOK_ATTR_ENCRYPT '=' expr - { $$ = new Attr(ATTR_ENCRYPT, $3); } | TOK_ATTR_RAW_OUTPUT { $$ = new Attr(ATTR_RAW_OUTPUT); } - | TOK_ATTR_MERGEABLE - { $$ = new Attr(ATTR_MERGEABLE); } | TOK_ATTR_PRIORITY '=' expr { $$ = new Attr(ATTR_PRIORITY, $3); } | TOK_ATTR_TYPE_COLUMN '=' expr diff --git a/src/probabilistic/CMakeLists.txt b/src/probabilistic/CMakeLists.txt index b845ecc7a2..976932c3fb 100644 --- a/src/probabilistic/CMakeLists.txt +++ b/src/probabilistic/CMakeLists.txt @@ -1,5 +1,5 @@ -include(BroSubdir) +include(ZeekSubdir) include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} diff --git a/src/scan.l b/src/scan.l index 21b3e0dcf4..7e4e2e8d61 100644 --- a/src/scan.l +++ b/src/scan.l @@ -300,26 +300,6 @@ when return TOK_WHEN; &redef return TOK_ATTR_REDEF; &write_expire return TOK_ATTR_EXPIRE_WRITE; -&encrypt { - deprecated_attr(yytext); - return TOK_ATTR_ENCRYPT; - } - -&mergeable { - deprecated_attr(yytext); - return TOK_ATTR_MERGEABLE; - } - -&rotate_interval { - deprecated_attr(yytext); - return TOK_ATTR_ROTATE_INTERVAL; - } - -&rotate_size { - deprecated_attr(yytext); - return TOK_ATTR_ROTATE_SIZE; - } - @deprecated.* { auto num_files = file_stack.length(); auto comment = skip_whitespace(yytext + 11); diff --git a/src/util-config.h.in b/src/util-config.h.in index c0817b7f5f..efe0179390 100644 --- a/src/util-config.h.in +++ b/src/util-config.h.in @@ -1,3 +1,3 @@ -#define BRO_SCRIPT_INSTALL_PATH "@BRO_SCRIPT_INSTALL_PATH@" +#define ZEEK_SCRIPT_INSTALL_PATH "@ZEEK_SCRIPT_INSTALL_PATH@" #define BRO_PLUGIN_INSTALL_PATH "@BRO_PLUGIN_INSTALL_PATH@" -#define DEFAULT_BROPATH "@DEFAULT_BROPATH@" +#define DEFAULT_ZEEKPATH "@DEFAULT_ZEEKPATH@" diff --git a/src/util.cc b/src/util.cc index 3551e5c8b0..5c057d37c1 100644 --- a/src/util.cc +++ b/src/util.cc @@ -961,7 +961,7 @@ const std::string& bro_path() const char* path = getenv("BROPATH"); if ( ! path ) - path = DEFAULT_BROPATH; + path = DEFAULT_ZEEKPATH; bro_path_value = path; } diff --git a/src/zeekygen/CMakeLists.txt b/src/zeekygen/CMakeLists.txt index de50378f5a..79abc56f94 100644 --- a/src/zeekygen/CMakeLists.txt +++ b/src/zeekygen/CMakeLists.txt @@ -1,6 +1,6 @@ # See the file "COPYING" in the main distribution directory for copyright. -include(BroSubdir) +include(ZeekSubdir) include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} diff --git a/testing/btest/Baseline/plugins.legacy/output b/testing/btest/Baseline/plugins.legacy/output new file mode 100644 index 0000000000..675a884b16 --- /dev/null +++ b/testing/btest/Baseline/plugins.legacy/output @@ -0,0 +1,6 @@ +Demo::Foo - A Foo test analyzer (dynamic, version 1.0.0) + [Analyzer] Foo (ANALYZER_FOO, enabled) + [Event] foo_message + +=== +foo_message, [orig_h=::1, orig_p=37927/tcp, resp_h=::1, resp_p=4242/tcp], Hello, Foo!\x0a diff --git a/testing/btest/bifs/x509_verify.zeek b/testing/btest/bifs/x509_verify.zeek index 2786ee04b4..35d61a03e6 100644 --- a/testing/btest/bifs/x509_verify.zeek +++ b/testing/btest/bifs/x509_verify.zeek @@ -8,7 +8,7 @@ # @TEST-EXEC: cp .stdout stdout-openssl-1.0 # @TEST-EXEC: cp .stdout stdout-openssl-1.1 -# @TEST-EXEC: grep -q "BRO_HAVE_OPENSSL_1_1" $BUILD/CMakeCache.txt && btest-diff stdout-openssl-1.1 || btest-diff stdout-openssl-1.0 +# @TEST-EXEC: grep -q "ZEEK_HAVE_OPENSSL_1_1" $BUILD/CMakeCache.txt && btest-diff stdout-openssl-1.1 || btest-diff stdout-openssl-1.0 redef SSL::root_certs += { ["OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US"] = "\x30\x82\x02\x3C\x30\x82\x01\xA5\x02\x10\x70\xBA\xE4\x1D\x10\xD9\x29\x34\xB6\x38\xCA\x7B\x03\xCC\xBA\xBF\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x02\x05\x00\x30\x5F\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31\x17\x30\x15\x06\x03\x55\x04\x0A\x13\x0E\x56\x65\x72\x69\x53\x69\x67\x6E\x2C\x20\x49\x6E\x63\x2E\x31\x37\x30\x35\x06\x03\x55\x04\x0B\x13\x2E\x43\x6C\x61\x73\x73\x20\x33\x20\x50\x75\x62\x6C\x69\x63\x20\x50\x72\x69\x6D\x61\x72\x79\x20\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6F\x6E\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x30\x1E\x17\x0D\x39\x36\x30\x31\x32\x39\x30\x30\x30\x30\x30\x30\x5A\x17\x0D\x32\x38\x30\x38\x30\x31\x32\x33\x35\x39\x35\x39\x5A\x30\x5F\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31\x17\x30\x15\x06\x03\x55\x04\x0A\x13\x0E\x56\x65\x72\x69\x53\x69\x67\x6E\x2C\x20\x49\x6E\x63\x2E\x31\x37\x30\x35\x06\x03\x55\x04\x0B\x13\x2E\x43\x6C\x61\x73\x73\x20\x33\x20\x50\x75\x62\x6C\x69\x63\x20\x50\x72\x69\x6D\x61\x72\x79\x20\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6F\x6E\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x30\x81\x9F\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x81\x8D\x00\x30\x81\x89\x02\x81\x81\x00\xC9\x5C\x59\x9E\xF2\x1B\x8A\x01\x14\xB4\x10\xDF\x04\x40\xDB\xE3\x57\xAF\x6A\x45\x40\x8F\x84\x0C\x0B\xD1\x33\xD9\xD9\x11\xCF\xEE\x02\x58\x1F\x25\xF7\x2A\xA8\x44\x05\xAA\xEC\x03\x1F\x78\x7F\x9E\x93\xB9\x9A\x00\xAA\x23\x7D\xD6\xAC\x85\xA2\x63\x45\xC7\x72\x27\xCC\xF4\x4C\xC6\x75\x71\xD2\x39\xEF\x4F\x42\xF0\x75\xDF\x0A\x90\xC6\x8E\x20\x6F\x98\x0F\xF8\xAC\x23\x5F\x70\x29\x36\xA4\xC9\x86\xE7\xB1\x9A\x20\xCB\x53\xA5\x85\xE7\x3D\xBE\x7D\x9A\xFE\x24\x45\x33\xDC\x76\x15\xED\x0F\xA2\x71\x64\x4C\x65\x2E\x81\x68\x45\xA7\x02\x03\x01\x00\x01\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x02\x05\x00\x03\x81\x81\x00\xBB\x4C\x12\x2B\xCF\x2C\x26\x00\x4F\x14\x13\xDD\xA6\xFB\xFC\x0A\x11\x84\x8C\xF3\x28\x1C\x67\x92\x2F\x7C\xB6\xC5\xFA\xDF\xF0\xE8\x95\xBC\x1D\x8F\x6C\x2C\xA8\x51\xCC\x73\xD8\xA4\xC0\x53\xF0\x4E\xD6\x26\xC0\x76\x01\x57\x81\x92\x5E\x21\xF1\xD1\xB1\xFF\xE7\xD0\x21\x58\xCD\x69\x17\xE3\x44\x1C\x9C\x19\x44\x39\x89\x5C\xDC\x9C\x00\x0F\x56\x8D\x02\x99\xED\xA2\x90\x45\x4C\xE4\xBB\x10\xA4\x3D\xF0\x32\x03\x0E\xF1\xCE\xF8\xE8\xC9\x51\x8C\xE6\x62\x9F\xE6\x9F\xC0\x7D\xB7\x72\x9C\xC9\x36\x3A\x6B\x9F\x4E\xA8\xFF\x64\x0D\x64" diff --git a/testing/btest/plugins/file-plugin/CMakeLists.txt b/testing/btest/plugins/file-plugin/CMakeLists.txt index 4823ddb08f..d2af209beb 100644 --- a/testing/btest/plugins/file-plugin/CMakeLists.txt +++ b/testing/btest/plugins/file-plugin/CMakeLists.txt @@ -1,5 +1,5 @@ -project(Bro-Plugin-Demo-Foo) +project(Zeek-Plugin-Demo-Foo) cmake_minimum_required(VERSION 2.6.3) @@ -9,10 +9,10 @@ endif () set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake) -include(BroPlugin) +include(ZeekPlugin) -bro_plugin_begin(Demo Foo) -bro_plugin_cc(src/Plugin.cc) -bro_plugin_cc(src/Foo.cc) -bro_plugin_bif(src/events.bif) -bro_plugin_end() +zeek_plugin_begin(Demo Foo) +zeek_plugin_cc(src/Plugin.cc) +zeek_plugin_cc(src/Foo.cc) +zeek_plugin_bif(src/events.bif) +zeek_plugin_end() diff --git a/testing/btest/plugins/legacy-plugin/.btest-ignore b/testing/btest/plugins/legacy-plugin/.btest-ignore new file mode 100644 index 0000000000..e69de29bb2 diff --git a/testing/btest/plugins/legacy-plugin/CMakeLists.txt b/testing/btest/plugins/legacy-plugin/CMakeLists.txt new file mode 100644 index 0000000000..92e1a90e9d --- /dev/null +++ b/testing/btest/plugins/legacy-plugin/CMakeLists.txt @@ -0,0 +1,19 @@ + +project(Zeek-Plugin-Demo-Foo) + +cmake_minimum_required(VERSION 2.6.3) + +if ( NOT BRO_DIST ) + message(FATAL_ERROR "BRO_DIST not set") +endif () + +set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake) + +include(BroPlugin) + +bro_plugin_begin(Demo Foo) +bro_plugin_cc(src/Plugin.cc) +bro_plugin_cc(src/Foo.cc) +bro_plugin_bif(src/events.bif) +bro_plugin_pac(src/foo.pac src/foo-protocol.pac src/foo-analyzer.pac) +bro_plugin_end() diff --git a/testing/btest/plugins/legacy-plugin/scripts/Demo/Foo/base/main.zeek b/testing/btest/plugins/legacy-plugin/scripts/Demo/Foo/base/main.zeek new file mode 100644 index 0000000000..76c63723b7 --- /dev/null +++ b/testing/btest/plugins/legacy-plugin/scripts/Demo/Foo/base/main.zeek @@ -0,0 +1,7 @@ + +const ports = { 4242/tcp }; + +event zeek_init() &priority=5 + { + Analyzer::register_for_ports(Analyzer::ANALYZER_FOO, ports); + } diff --git a/testing/btest/plugins/legacy-plugin/scripts/__load__.zeek b/testing/btest/plugins/legacy-plugin/scripts/__load__.zeek new file mode 100644 index 0000000000..330718c604 --- /dev/null +++ b/testing/btest/plugins/legacy-plugin/scripts/__load__.zeek @@ -0,0 +1 @@ +@load Demo/Foo/base/main diff --git a/testing/btest/plugins/legacy-plugin/src/Foo.cc b/testing/btest/plugins/legacy-plugin/src/Foo.cc new file mode 100644 index 0000000000..be3c52a98b --- /dev/null +++ b/testing/btest/plugins/legacy-plugin/src/Foo.cc @@ -0,0 +1,59 @@ + +#include "Foo.h" +#include "foo_pac.h" +#include "events.bif.h" + +#include + +using namespace plugin::Demo_Foo; + +Foo::Foo(Connection* conn) + : analyzer::tcp::TCP_ApplicationAnalyzer("Foo", conn) + { + interp = new binpac::Foo::Foo_Conn(this); + } + +Foo::~Foo() + { + delete interp; + } + +void Foo::Done() + { + analyzer::tcp::TCP_ApplicationAnalyzer::Done(); + + interp->FlowEOF(true); + interp->FlowEOF(false); + } + +void Foo::EndpointEOF(bool is_orig) + { + analyzer::tcp::TCP_ApplicationAnalyzer::EndpointEOF(is_orig); + interp->FlowEOF(is_orig); + } + +void Foo::DeliverStream(int len, const u_char* data, bool orig) + { + analyzer::tcp::TCP_ApplicationAnalyzer::DeliverStream(len, data, orig); + + assert(TCP()); + + if ( TCP()->IsPartial() ) + // punt on partial. + return; + + try + { + interp->NewData(orig, data, data + len); + } + catch ( const binpac::Exception& e ) + { + ProtocolViolation(fmt("Binpac exception: %s", e.c_msg())); + } + } + +void Foo::Undelivered(uint64 seq, int len, bool orig) + { + analyzer::tcp::TCP_ApplicationAnalyzer::Undelivered(seq, len, orig); + interp->NewGap(orig, len); + } diff --git a/testing/btest/plugins/legacy-plugin/src/Foo.h b/testing/btest/plugins/legacy-plugin/src/Foo.h new file mode 100644 index 0000000000..e12fed889d --- /dev/null +++ b/testing/btest/plugins/legacy-plugin/src/Foo.h @@ -0,0 +1,32 @@ + +#ifndef BRO_PLUGIN_DEMO_FOO_H +#define BRO_PLUGIN_DEMO_FOO_H + +#include "analyzer/protocol/tcp/TCP.h" +#include "analyzer/protocol/pia/PIA.h" + +namespace binpac { namespace Foo { class Foo_Conn; } } + +namespace plugin { +namespace Demo_Foo { + +class Foo : public analyzer::tcp::TCP_ApplicationAnalyzer { +public: + Foo(Connection* conn); + ~Foo(); + + virtual void Done(); + virtual void DeliverStream(int len, const u_char* data, bool orig); + virtual void Undelivered(uint64 seq, int len, bool orig); + virtual void EndpointEOF(bool is_orig); + + static analyzer::Analyzer* Instantiate(Connection* conn) + { return new Foo(conn); } + +protected: + binpac::Foo::Foo_Conn* interp; +}; + +} } + +#endif diff --git a/testing/btest/plugins/legacy-plugin/src/Plugin.cc b/testing/btest/plugins/legacy-plugin/src/Plugin.cc new file mode 100644 index 0000000000..bd2662d67c --- /dev/null +++ b/testing/btest/plugins/legacy-plugin/src/Plugin.cc @@ -0,0 +1,21 @@ + +#include "Plugin.h" + +#include "Foo.h" + +namespace plugin { namespace Demo_Foo { Plugin plugin; } } + +using namespace plugin::Demo_Foo; + +plugin::Configuration Plugin::Configure() + { + AddComponent(new ::analyzer::Component("Foo", plugin::Demo_Foo::Foo::Instantiate)); + + plugin::Configuration config; + config.name = "Demo::Foo"; + config.description = "A Foo test analyzer"; + config.version.major = 1; + config.version.minor = 0; + config.version.patch = 0; + return config; + } diff --git a/testing/btest/plugins/legacy-plugin/src/events.bif b/testing/btest/plugins/legacy-plugin/src/events.bif new file mode 100644 index 0000000000..4603fe4cf6 --- /dev/null +++ b/testing/btest/plugins/legacy-plugin/src/events.bif @@ -0,0 +1,2 @@ + +event foo_message%(c: connection, data: string%); diff --git a/testing/btest/plugins/legacy-plugin/src/foo-analyzer.pac b/testing/btest/plugins/legacy-plugin/src/foo-analyzer.pac new file mode 100644 index 0000000000..a210a8430c --- /dev/null +++ b/testing/btest/plugins/legacy-plugin/src/foo-analyzer.pac @@ -0,0 +1,15 @@ + +refine connection Foo_Conn += { + + function Foo_data(msg: Foo_Message): bool + %{ + StringVal* data = new StringVal(${msg.data}.length(), (const char*) ${msg.data}.data()); + BifEvent::generate_foo_message(bro_analyzer(), bro_analyzer()->Conn(), data); + return true; + %} + +}; + +refine typeattr Foo_Message += &let { + proc: bool = $context.connection.Foo_data(this); +}; diff --git a/testing/btest/plugins/legacy-plugin/src/foo-protocol.pac b/testing/btest/plugins/legacy-plugin/src/foo-protocol.pac new file mode 100644 index 0000000000..892513c4f0 --- /dev/null +++ b/testing/btest/plugins/legacy-plugin/src/foo-protocol.pac @@ -0,0 +1,4 @@ + +type Foo_Message(is_orig: bool) = record { + data: bytestring &restofdata; +}; diff --git a/testing/btest/plugins/legacy-plugin/src/foo.pac b/testing/btest/plugins/legacy-plugin/src/foo.pac new file mode 100644 index 0000000000..826bcc624e --- /dev/null +++ b/testing/btest/plugins/legacy-plugin/src/foo.pac @@ -0,0 +1,26 @@ +%include binpac.pac +%include bro.pac + +%extern{ +#include "Foo.h" + +#include "events.bif.h" +%} + +analyzer Foo withcontext { + connection: Foo_Conn; + flow: Foo_Flow; +}; + +connection Foo_Conn(bro_analyzer: BroAnalyzer) { + upflow = Foo_Flow(true); + downflow = Foo_Flow(false); +}; + +%include foo-protocol.pac + +flow Foo_Flow(is_orig: bool) { + datagram = Foo_Message(is_orig) withcontext(connection, this); +}; + +%include foo-analyzer.pac diff --git a/testing/btest/plugins/legacy.zeek b/testing/btest/plugins/legacy.zeek new file mode 100644 index 0000000000..509de66568 --- /dev/null +++ b/testing/btest/plugins/legacy.zeek @@ -0,0 +1,14 @@ +# Test that legacy Bro plugins still work. +# @TEST-EXEC: ${DIST}/aux/zeek-aux/plugin-support/init-plugin -u . Demo Foo +# @TEST-EXEC: cp -r %DIR/legacy-plugin/* . +# @TEST-EXEC: ./configure --bro-dist=${DIST} && make +# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` zeek -NN Demo::Foo >>output +# @TEST-EXEC: echo === >>output +# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` zeek -r $TRACES/port4242.trace %INPUT >>output +# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff output + +event foo_message(c: connection, data: string) + { + print "foo_message", c$id, data; + } + diff --git a/testing/btest/plugins/pktdumper-plugin/CMakeLists.txt b/testing/btest/plugins/pktdumper-plugin/CMakeLists.txt index 2234907ad2..0b92f3b0ca 100644 --- a/testing/btest/plugins/pktdumper-plugin/CMakeLists.txt +++ b/testing/btest/plugins/pktdumper-plugin/CMakeLists.txt @@ -1,17 +1,17 @@ -project(Bro-Plugin-Demo-Foo) +project(Zeek-Plugin-Demo-Foo) cmake_minimum_required(VERSION 2.6.3) -if ( NOT BRO_DIST ) - message(FATAL_ERROR "BRO_DIST not set") +if ( NOT ZEEK_DIST ) + message(FATAL_ERROR "ZEEK_DIST not set") endif () -set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake) +set(CMAKE_MODULE_PATH ${ZEEK_DIST}/cmake) -include(BroPlugin) +include(ZeekPlugin) -bro_plugin_begin(Demo Foo) -bro_plugin_cc(src/Plugin.cc) -bro_plugin_cc(src/Foo.cc) -bro_plugin_end() +zeek_plugin_begin(Demo Foo) +zeek_plugin_cc(src/Plugin.cc) +zeek_plugin_cc(src/Foo.cc) +zeek_plugin_end() diff --git a/testing/btest/plugins/pktsrc-plugin/CMakeLists.txt b/testing/btest/plugins/pktsrc-plugin/CMakeLists.txt index 2234907ad2..0b92f3b0ca 100644 --- a/testing/btest/plugins/pktsrc-plugin/CMakeLists.txt +++ b/testing/btest/plugins/pktsrc-plugin/CMakeLists.txt @@ -1,17 +1,17 @@ -project(Bro-Plugin-Demo-Foo) +project(Zeek-Plugin-Demo-Foo) cmake_minimum_required(VERSION 2.6.3) -if ( NOT BRO_DIST ) - message(FATAL_ERROR "BRO_DIST not set") +if ( NOT ZEEK_DIST ) + message(FATAL_ERROR "ZEEK_DIST not set") endif () -set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake) +set(CMAKE_MODULE_PATH ${ZEEK_DIST}/cmake) -include(BroPlugin) +include(ZeekPlugin) -bro_plugin_begin(Demo Foo) -bro_plugin_cc(src/Plugin.cc) -bro_plugin_cc(src/Foo.cc) -bro_plugin_end() +zeek_plugin_begin(Demo Foo) +zeek_plugin_cc(src/Plugin.cc) +zeek_plugin_cc(src/Foo.cc) +zeek_plugin_end() diff --git a/testing/btest/plugins/protocol-plugin/CMakeLists.txt b/testing/btest/plugins/protocol-plugin/CMakeLists.txt index 4bc8460c06..b8faa26ebd 100644 --- a/testing/btest/plugins/protocol-plugin/CMakeLists.txt +++ b/testing/btest/plugins/protocol-plugin/CMakeLists.txt @@ -1,19 +1,19 @@ -project(Bro-Plugin-Demo-Foo) +project(Zeek-Plugin-Demo-Foo) cmake_minimum_required(VERSION 2.6.3) -if ( NOT BRO_DIST ) - message(FATAL_ERROR "BRO_DIST not set") +if ( NOT ZEEK_DIST ) + message(FATAL_ERROR "ZEEK_DIST not set") endif () -set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake) +set(CMAKE_MODULE_PATH ${ZEEK_DIST}/cmake) -include(BroPlugin) +include(ZeekPlugin) -bro_plugin_begin(Demo Foo) -bro_plugin_cc(src/Plugin.cc) -bro_plugin_cc(src/Foo.cc) -bro_plugin_bif(src/events.bif) -bro_plugin_pac(src/foo.pac src/foo-protocol.pac src/foo-analyzer.pac) -bro_plugin_end() +zeek_plugin_begin(Demo Foo) +zeek_plugin_cc(src/Plugin.cc) +zeek_plugin_cc(src/Foo.cc) +zeek_plugin_bif(src/events.bif) +zeek_plugin_pac(src/foo.pac src/foo-protocol.pac src/foo-analyzer.pac) +zeek_plugin_end() diff --git a/testing/btest/plugins/reader-plugin/CMakeLists.txt b/testing/btest/plugins/reader-plugin/CMakeLists.txt index 2234907ad2..0b92f3b0ca 100644 --- a/testing/btest/plugins/reader-plugin/CMakeLists.txt +++ b/testing/btest/plugins/reader-plugin/CMakeLists.txt @@ -1,17 +1,17 @@ -project(Bro-Plugin-Demo-Foo) +project(Zeek-Plugin-Demo-Foo) cmake_minimum_required(VERSION 2.6.3) -if ( NOT BRO_DIST ) - message(FATAL_ERROR "BRO_DIST not set") +if ( NOT ZEEK_DIST ) + message(FATAL_ERROR "ZEEK_DIST not set") endif () -set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake) +set(CMAKE_MODULE_PATH ${ZEEK_DIST}/cmake) -include(BroPlugin) +include(ZeekPlugin) -bro_plugin_begin(Demo Foo) -bro_plugin_cc(src/Plugin.cc) -bro_plugin_cc(src/Foo.cc) -bro_plugin_end() +zeek_plugin_begin(Demo Foo) +zeek_plugin_cc(src/Plugin.cc) +zeek_plugin_cc(src/Foo.cc) +zeek_plugin_end() diff --git a/testing/btest/plugins/writer-plugin/CMakeLists.txt b/testing/btest/plugins/writer-plugin/CMakeLists.txt index 2234907ad2..0b92f3b0ca 100644 --- a/testing/btest/plugins/writer-plugin/CMakeLists.txt +++ b/testing/btest/plugins/writer-plugin/CMakeLists.txt @@ -1,17 +1,17 @@ -project(Bro-Plugin-Demo-Foo) +project(Zeek-Plugin-Demo-Foo) cmake_minimum_required(VERSION 2.6.3) -if ( NOT BRO_DIST ) - message(FATAL_ERROR "BRO_DIST not set") +if ( NOT ZEEK_DIST ) + message(FATAL_ERROR "ZEEK_DIST not set") endif () -set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake) +set(CMAKE_MODULE_PATH ${ZEEK_DIST}/cmake) -include(BroPlugin) +include(ZeekPlugin) -bro_plugin_begin(Demo Foo) -bro_plugin_cc(src/Plugin.cc) -bro_plugin_cc(src/Foo.cc) -bro_plugin_end() +zeek_plugin_begin(Demo Foo) +zeek_plugin_cc(src/Plugin.cc) +zeek_plugin_cc(src/Foo.cc) +zeek_plugin_end() diff --git a/zeek-config.h.in b/zeek-config.h.in index d460e6db8e..ecb4e4df89 100644 --- a/zeek-config.h.in +++ b/zeek-config.h.in @@ -223,8 +223,8 @@ #define DYNAMIC_PLUGIN_SUFFIX "@CMAKE_SHARED_MODULE_SUFFIX@" /* True if we're building outside of the main Zeek source code tree. */ -#ifndef BRO_PLUGIN_INTERNAL_BUILD -#define BRO_PLUGIN_INTERNAL_BUILD @BRO_PLUGIN_INTERNAL_BUILD@ +#ifndef ZEEK_PLUGIN_INTERNAL_BUILD +#define ZEEK_PLUGIN_INTERNAL_BUILD @ZEEK_PLUGIN_INTERNAL_BUILD@ #endif /* A C function that has the Zeek version encoded into its name. */ diff --git a/zeek-config.in b/zeek-config.in index 247e512c3f..5afafb56ec 100755 --- a/zeek-config.in +++ b/zeek-config.in @@ -3,21 +3,21 @@ version=@VERSION@ build_type=@CMAKE_BUILD_TYPE_LOWER@ prefix=@CMAKE_INSTALL_PREFIX@ -script_dir=@BRO_SCRIPT_INSTALL_PATH@ -site_dir=@BRO_SCRIPT_INSTALL_PATH@/site +script_dir=@ZEEK_SCRIPT_INSTALL_PATH@ +site_dir=@ZEEK_SCRIPT_INSTALL_PATH@/site plugin_dir=@BRO_PLUGIN_INSTALL_PATH@ -config_dir=@BRO_ETC_INSTALL_DIR@ +config_dir=@ZEEK_ETC_INSTALL_DIR@ python_dir=@PY_MOD_INSTALL_DIR@ cmake_dir=@CMAKE_INSTALL_PREFIX@/share/bro/cmake include_dir=@CMAKE_INSTALL_PREFIX@/include/bro -bropath=@DEFAULT_BROPATH@ -bro_dist=@BRO_DIST@ +zeekpath=@DEFAULT_ZEEKPATH@ +zeek_dist=@ZEEK_DIST@ binpac_root=@ZEEK_CONFIG_BINPAC_ROOT_DIR@ caf_root=@ZEEK_CONFIG_CAF_ROOT_DIR@ broker_root=@ZEEK_CONFIG_BROKER_ROOT_DIR@ usage="\ -Usage: zeek-config [--version] [--build_type] [--prefix] [--script_dir] [--site_dir] [--plugin_dir] [--config_dir] [--python_dir] [--include_dir] [--cmake_dir] [--bropath] [--bro_dist] [--binpac_root] [--caf_root] [--broker_root]" +Usage: zeek-config [--version] [--build_type] [--prefix] [--script_dir] [--site_dir] [--plugin_dir] [--config_dir] [--python_dir] [--include_dir] [--cmake_dir] [--zeekpath] [--zeek_dist] [--binpac_root] [--caf_root] [--broker_root]" if [ $# -eq 0 ] ; then echo "${usage}" 1>&2 @@ -61,11 +61,17 @@ while [ $# -ne 0 ]; do --include_dir) echo $include_dir ;; - --bropath) - echo $bropath + --bropath) # For compatibility with legacy Bro plugins. + echo $zeekpath ;; - --bro_dist) - echo $bro_dist + --zeekpath) + echo $zeekpath + ;; + --bro_dist) # For compatibility with legacy Bro plugins. + echo $zeek_dist + ;; + --zeek_dist) + echo $zeek_dist ;; --binpac_root) echo $binpac_root