Scripting errors/mistakes now consistently generate a runtime error
which have the behavior of unwinding the call stack all the way out of
the current event handler.
Before, such errors were not treated consistently and either aborted
the process entirely or emitted a message while continuing to execute
subsequent statements without well-defined behavior (possibly causing
a cascade of errors).
The previous behavior also would only unwind out of the current
function (if within a function body), not out the current event
handler, which is especially problematic for functions that return
a value: the caller is essentially left a mess with no way to deal
with it.
This also changes the behavior of the startup/initialization process
to abort if there's errors during bro_init() rather than continue one
to the main run loop. The `allow_init_errors` option may change this
new, default behavior.
* origin/topic/jsiwek/empty-lines:
Add 'smtp_excessive_pending_cmds' weird
Fix SMTP command string comparisons
Improve handling of empty lines in several text protocol analyzers
Add rate-limiting sampling mechanism for weird events
Teach timestamp canonifier about timestamps before ~2001
Improved the travis-job test script so that it works outside of Travis.
This can be useful to test changes to the docker container config before
pushing to master, for testing changes on a branch, or for debugging
some problem with the tests running on Travis. This required the
following changes:
-The script no longer requires the TRAVIS env. variable to be set.
-Added an "all" command as a more convenient way to run all steps in a
build.
-Added a "coverity" command-line option to do a coverity build.
-Before building Bro or downloading coverity tools, do a cleanup from any
previous build.
Also other minor improvements (code comments, reorganization, etc.).
* origin/topic/jsiwek/openssl-1.1:
Update install instructions for OpenSSL 1.1 compat
Remove requestorName parameter of ocsp_request event
Adjust x509 unit tests to work around OpenSSL 1.0 vs. 1.1 differences
Fixes for OpenSSL 1.1 support
The advantage of using docker containers is to build and test Bro in
an environment that more closely resembles the environment where Bro
will actually be used. The docker containers currently used enable
testing Bro with all the major versions of gcc (versions 4 through 8),
as well as both python 2 and 3.
The "travis-job" script now takes a second parameter which specifies
a Linux distro to use (specifying "travis" will build and test bro
without using docker).
Improved readability of the output by adding more error checking
and better error and informational messages, and by moving the
unit test diag.log output to just before any external tests are run.
For pull request builds, skip the private tests instead of failing.
Prevent timeouts after 10 minutes of no output by not using the
btest "-b" option.
Decrease build time by not building unneeded components.
On Travis CI, btest was using 32 threads when running with "-j". Reducing
this to "-j 4" seems to make the tests run a bit faster overall and
somewhat reduces the number of test failures.
Remove some output from the Travis CI build log to make it easier
to read.
There is an issue with Travis CI when using encrypted environment
variables. In this case, when btest calls the python function
sys.stdout.isatty() it returns False, which causes btest to output one
line for each test (passed or failed). As a result, it is difficult to
see at a glance which tests failed. Switching to btest brief output to
address this issue.
I've moved .travis.job to testing/scripts/travis-job and adapted
.travis.yml accordingly.
* origin/topic/dnthayer/travis-ci-updates:
Fix information leak in the update-traces script
Add coverity scan and private testing to Travis CI
The OpenSSL on debian 8 refuses to validate one connection; everyone
else can. The easiest fix is to add the CA certificate to the root list.
Once debian has a newer version of OpenSSL, we should be able to remove
it again.
Fixed some test canonifier scripts to read from stdin instead of
from a filename specified as a cmd-line argument. This is needed
in order to be able to reliably use them in a pipeline with other
test canonifiers.
Also removed some unused test canonifier scripts.
* origin/topic/struck/BIT-1277:
[ADD] Added the feature to return 0 content to the python http test server and added functionality for post requests
[ADD] added baseline for the new active-http test and added a test to check for the content-length 0 fix.
[ADD] added baseline for the new exec test and added a test to check for the empty files fix.
[FIX] exec should write an empty string when file is empty instead of the filename
[FIX] Add files to result table even if the files are empty
BIT-1277 #merged
