This is because libmagic can return different results depending on
installation.
Note, this still doesn't fix all problems: smtp-entities sets md5
depending on the mime-type returned by libmagic ...
Log rotation is now controlled directly through Filter records.
Also addressed a TODO in the default_path_func regarding the
LogMgr::AddFilter function generating internal filter path
suggestions/fallbacks. Now, if the user doesn't explicitly set a filter
path, the filter's path will be the result of the first call to
default_path_func (happens during the first write to the log). And in
that case the path suggestion argument to the path_func is an empty
string.
The traces for external test-suites are no longer kept inside the
repositories themselves but downloaded separately via curl. This is
because git is pretty bad at dealing with large files.
See the README for more information.
- This is an attempt at fixing the memory issues brought about by
the introduction of the new SSL analyzer. My initial testing
shows a hefty memory saving.
* origin/topic/gilbert/rand-pool:
Updating tests.
Updated uid pools to use integer values instead of strings.
Updating tests.
Test no longer relevant. Need a way to generate and test collisions.
A few minor tweaks to make code less braindead. Fixed-length piece of pool name now only used to hash when determinism is not required; otherwise, whole pool name is used. Note that collisions between pool name hashes will lead to sensitivity to initialization order within the UID generator.
Testing long (>32 character) pool names.
Simple test to verify various pools are not affecting each other.
Some working code. Adds UID pools classified by string. Just compiles and runs; need to go back through and make sure this code is actually doing what I want it to do.
Note, I've removed the collision detection. Seems unlikely to occur
and even if, it's not really that bad.
- The "private interface" section is still tracked, but no longer rendered.
We can judge the usefulness of it later and add back if there's demand.
- Documentation of event handlers was being treated the same as event
declarations. Now handlers are tracked separately, but not currently
rendered in the generated doc output since usefulness is questionable.
- Reorganize top-level 'doc' Makefile target so submodules can easily
add their own doc-generating routines to it. e.g. the Bro project
makes a placeholder 'doc' target, then adds 'restdoc', 'sphinxdoc';
later Broccoli can add it's own target as a dependency for generating
API docs.
- Fixed generated docs for BIFs not being organized under a base/
subdirectory like the original source files.
- Fixed documentation style for function parameters not applying to
functions declared as record fields.
- Misc. script documentation tweaks to address warnings given by Sphinx.
* origin/topic/gilbert/ascii-header:
Updated tests; removed net type from type conversion code.
Updated header format (see #558)
Header modification to LogWriterAscii to make it easier for scripts to understand bro log files.
Notes:
- I've refactored the code a bit, also adapting the style a bit.
Also edited the header format slightly.
- I'm skipping the testing/btest/profiles directory, which seems
unrelated.
- I'm also skipping the baseline updates as they weren't
up-to-date anymore. Will update them in a subsequent commit.
Binpac exceptions caught in Analyzer.cc are passed to Reporter::Weird
and from there to Reporter::WeirdHelper. WeirdHelper has var args, to
support passing them on to DoLog, but there were no forced format
strings. Since the binpac exception can contain network data which can
contain %-characters, that caused segfaults.
Note, I didn't see the topic/jsiwek/cmake-rpath branch in the Bro
repository so I copied the change from the submodules, assuming it
applies in the same way.
- Log path's are generated in the scripting land
now. The default Log stream ID to path string
mapping works like this:
- Notice::LOG -> "notice"
- Notice::POLICY_LOG -> "notice_policy"
- TestModule::LOG -> "test_module"
- Logging streams updated across all of the shipped
scripts to be more user friendly. Instead of
the logging stream ID HTTP::HTTP, we now have
HTTP::LOG, etc.
- The priorities on some bro_init handlers have
been adjusted to make the process of applying
filters or disabling streams easier for users.
- If the misc/pf-ring-load-balancing script is loaded, the correct
environment variables will be set to enable automatic flow based
load balancing used pf_ring if Bro is built against the pf_ring
libpcap wrapper. Loading the script on non-Linux OSs or when Bro
isn't linked against the correct libpcap has no known side effects
since the script just sets environment variables.
- Added a BiF named setenv for setting environment variables.
