Now manually keeps track of peer count instead of querying Broker for
that information (which would result in waiting upon a blocking request
to the core actor).
When encountering an extension unknown to OpenSSL, we would read from
the wrong memory location. Also added a testcase to prevent this specific
case from happening again.
For fuzzed/damaged/corrupted pcaps, a timestamp of 0 could lead to an
infinite loop in Bro as it interprets that as meaning the packet source
is not ready yet.
* origin/topic/jsiwek/broker-misc:
Add Broker::publish_and_relay BIF
Document variable argument list BIFs using ellipsis
Support unserializing broker data into type 'any'
Fix a bug in broker data type-casting check
Remove dead code in broker data/val conversion function
* origin/topic/vladg/ssh-fix:
#120: Pull in PR, and make a couple small cleanup tweaks.
SSH protocol now assesses the packet length at an earlier stage within binpac. Stops SSH analyzer constantly raising binpac exceptions. Seems to be because a packet continues to go through binpac when empty and only calls the next packet when asked for more data and not on operations.
References to Input::Reader and Log::Writer enum types no longer emit
warnings as they are now hardcoded to be documented as part of their
associated framework scripts and so links to them now work.
The receiver side will wrap the data as a Broker::Data value, which
can then be type-checked/cast via 'is' or 'as' operators to a specific
Bro type. For example:
Sender:
Broker::publish("topic", my_event, "hello")
Receiver:
event my_event(arg: any)
{
if ( arg is string )
print arg as string;
}
* 'topic/dopheide/broker-docs' of https://github.com/dopheide-esnet/bro:
A suggestion for reminding folks about calling events in Module namespaces.
I've changed this to include more accurate examples
It was possibly never updated for newer Analyzer API changes, as simply
attaching the NCP analyzer to a connection would result in null pointer
derefernces and also support analyzers were not attached.
* origin/topic/jsiwek/binpac-fixes:
Update test baseline for binpac changes
Update test baseline for optimized binpac static-size array parsing
Fixes for MySQL and SMB protocol parsers
BIT-1829: add unit test for modbus parser issue
