Updated enum type. New description:
Enum's are supported in .bif and .bro scripts.
An enum in a bif will become available in the event engine and
the policy layer.
It is possible to assign an explicit value to an enum enumerator
element, or the enum type can automatically assign values. However,
the styles cannot be mixed. If automatic assignement is used, the first
element will have a value of 0, the next will have a value of 1, etc.
Enum type variables and identifiers can be formated using the "%s"
format specifier, in which case the symbolic name will be printed.
If the "%d" format specifier is used, the numerical value is
printed.
Example automatic assignment:
type foo: enum {
BAR_A, # value will be 0
BAR_B, # value will be 1
BAR_C, # value will be 2
};
Example with explicit assignment:
type foobar: enum {
BAR_X = 10, # value will be 10
BAR_Y = 23, # value will be 23
BAR_Z = 42, # value will be 42
};
Enumerator values can only by positive integer literals.
The literals can be specified in (0x....), but not in octal (bro policy
layer limitation). So, do not use 0123 as value in bifs!
Each enumerator value can only be used once per enum (C allows
to use the same value multiple times).
All these restrictions are enforced by the policy script layer and not
the bif compiler!
Enums can be redef'ed, i.e., extended. If the enum is automatic
increment assignment, then the value will continue to increment.
If the enum uses explicit assignment, then the redef need to use
explicit assignments as well.
Example 1::
redef enum foo += {
BAR_D, # value will be 3
BAR_E, # value will be 4
BAR_F, # value will be 5
};
Example 2::
redef enum foobar += {
BAR_W = 100,
};
* Adding support for enums with explicit enumerator values (see doc
below) to bifcl and policy layer.
* Bifcl: remove (partially written) output files on error and
do a nice exit(1) instead of harsh abort() on parse errors.
* CMakeText: if bifcl fails, remove output files (failsafe,
in case bifcl fails to clean up after itself).
Enum description
----------------
Enum's are supported in .bif and .bro scripts.
An enum in a bif will become available in the event engine and
the policy layer.
Enums are "C-style". The first element in an enum will have a
value of 0, the next value will be 1, etc.
It is possible to assign an enumerator value to an element. If
next element does not have an explicit value, its values will be
the value of the last element + 1
Example::
type foo: enum {
BAR_A, # value will be 0
BAR_B, # value will be 1
BAR_C = 10, # value will be 10
BAR_D, # value will be 11
};
Enumerator values can only by positive integer literals.
The literals can be specified in (0x....), but not in octal (bro policy
layer limitation). So, do not use 0123 as value in bifs!
Each enumerator value can only be used once per enum (C allows
to use the same value multiple times). This makes reverse mapping from
value to name (e.g., in %s format strings) unambigious. This is enforced
in by the policy script.
Enums can be redef'ed, i.e., extended. Enumerator values will continue
to increment. If there are multiple redefs in different policy scripts,
then name <-> value mappings will obviously depend on the order in
which scripts are loaded (which might not be obvious).
Example::
redef enum foo += {
BAR_E, # value will be 12
BAR_F = 5, # value will be 5
BAR_G, # value will be 6
};
Val::Val had prototypes for int, long, int64, etc. But depending on the
architecture some of those might be the same (int64 and long) thus
yielding a compile error.
Fix: only use int32, int64, etc. for prototype. ints and longs can still
be passed, since they will match one of these fixed-width types
regardless of platform.
Also fix some more compiler warnings with format strings.
* origin/topic/seth/fix-compiler-warnings:
Fixed problem with PRI macros.
PRI macros are currently not working for some reason.
Two more small compile time error fixes.
Cleaned up the output from running binpac.
Added line to expect shift/reduce errors in parse.in
Cleaned up g++ warnings.
Addition: I fixed a few more warnings I was getting, and tweaked some
of the existing changes slightly.
* remotes/origin/topic/robin/work:
*Now* this passes the test suite.
Fixes to SSL/TLS analyzer
Added new TLS ciphers
Removing some apparently unnecessary lines.
A few smaller tweaks.
Prepared the old analyzer for extracting SSL extensions.
Fixed bug in do_split implementation.
Removed an accidental debugging printf.
Readded the other changes to remove CheckString calls from strings.bif.
Fixed the problem with do_split function which caused it to bail 1 separator early.
Modification from rmkml to support SSL extensions.
Updated SSL analyzer and Bro script with lots of new ciphers.
* remotes/origin/topic/seth/strings-without-checkstring:
*Now* this passes the test suite.
Removing some apparently unnecessary lines.
A few smaller tweaks.
Fixed bug in do_split implementation.
Removed an accidental debugging printf.
Readded the other changes to remove CheckString calls from strings.bif.
Fixed the problem with do_split function which caused it to bail 1 separator early.
* origin/topic/seth/ssl-analyzer-work:
Fixes to SSL/TLS analyzer
Added new TLS ciphers
Prepared the old analyzer for extracting SSL extensions.
Modification from rmkml to support SSL extensions.
Updated SSL analyzer and Bro script with lots of new ciphers.
This is per #375.
Record types can now get additional fields later via '+='. The added
fields must however either be &optional or have a &default value.
Example:
type Foo: record {
a: count;
b: count &optional;
};
redef record Foo += {
c: count &default=42;
d: count &optional;
};
global f: Foo = [$a=21];
print f;
Output:
[a=21, b=<uninitialized>, c=42, d=<uninitialized>]
* origin/topic/robin/work:
Smarter way to increase the parent/child pipe's socket buffer. (Craig Leres).
Fixing bug with defining bro_int_t and bro_uint_t as 64-bit in some platforms.
table/set indices.
This addresses #367. In principle, the fix is quite straightford.
However, it turns out that sometimes record fields lost their
attributes on assignment, and then the hashing can't decide anymore
whether a field is optional or not. So that needed to be fixed as
well.
I got the last fix wrong and I was still misunderstanding
one behavior of the existing do_split function. When a
separator match goes to the last character of the string,
a blank string element should be appended to the
string_array to indicate that a successful split occurred.
Analyzer can cope with zero length client and server
certificates. It does still generate a weird though.
Extended cipherspec_size weirds are not thrown anymore,
they are incredibly overwhelming and should be handled
completely at the scripting in my opinion.
Integrated and expanded on patch Rmkml from ticket #209
that fixes problem with not parsing or expecting SSL
extensions. SSL extensions still are not extracted
and passed to script land, but the analyzer doesn't
fail anymore.
