* origin/topic/srunnels/documentation:
Spelling corrections.
Include a better description for detect-MHR.bro
Rewrite the MHR detection description.
Spelling corrections.
Update the lines included from events.bif.bro.
I added a better more concise and accurate description of what is going
on behind the scenes of detect-MHR.bro to not only bring it into line
with the Files framework but to help make it a bit more clear as to
where the various responsibilities lie.
Now that the MHR script uses the file analysis framework, the
description needed to be rewritten to reflect the changes. Robin
commented that he didn't feel the MHR script was a good introductory
script and he might be right, however, I couldn't find one that was
easier to explain.
This should help on systems where the default shell (e.g. dash on
Ubuntu) fork-execs in order to run commands. In that case, we were
just killing the shell and the shell would exit without killing
the actual process corresponding to command that was requested.
Setting a process group for the shell exec'd from Bro and killing
by process group should help clean everything up since process group
will be inherited by any procs that shell fork-execs.
* origin/fastpath:
Add links to Intelligence Framework documentation
update mozilla root ca list
Update Mozilla root CA certs.
Update documentation of required packages
* origin/topic/bernhard/ticket1072:
and const 2 more functions
update hll documentation, make a few functions private and create a new copy constructor.
fix case where hll_error_margin could be undefined (thanks John)
BIT-1072 #merged
* origin/topic/dnthayer/compilerwarn:
Fix compiler warning (time_t is not a pointer type)
Fix cmake warning about ENABLE_PERFTOOLS not being used
Fix another compiler warning
Fix compiler warnings
BIT-1079 #merged
Make feedback available regarding whether adding a child analyzer fails
because one of the same type already exists (so one can avoid invalid
pointer access of a delete'd analyzer).
An unsized array already parses indefinitely. &until($element <= 0)
just causes nonsense code to be generated. I.e. checking a pointer that
can never even be null against <= 0. And the compare would happen after
delete'ing the pointer, making it even odder (though still benign).
Coverity claimed a mismatched iterator here. Don't think it was, but
this might make it either go away or make its insane template output
understandable. Else at least it makes the code more readable.
