- People were seeing some reporter messages where the
SIP scripts were not handling things safely.
- New fields to show {request|response}_{from|to}.
- Fixed a case where logs could be over logged on accident (junk logs).
* origin/fastpath:
Fix the -J/--set-seed cmd-line option
Remove unused -l, -L, and -Z cmd-line options
Fix the --time and --re-level cmd-line options
Update NEWS with changes to Bro cmd-line options
Minor corrections and clarifications to NEWS
Conflicts:
NEWS
* topic/robin/ascii-escape-normalization:
Updating NEWS.
In bifs, change ODesc objects to have RAW_STYLE.
Changing what's escaped when printing.
Remove several BroString escaping methods that are no longer useful.
BIT-1333 #merged
* origin/topic/vladg/sip:
Update NEWS.
Update baselines.
Spruce up SIP events.bif documentation a bit.
Register SIP analyzer to well known port.
Fix indenting issue in main.bro
Add SIP btests.
Small update for the SIP logs and DPD sig.
SIP: Fix up DPD and the TCP analyzer a bit.
SIP: Move to the new string BIFs
SIP: Move to new analyzer format.
Move the SIP analyzer to uint64 sequences, and a number of other small SIP fixes.
Rely on content inspection and not just is_orig to determine client/server.
Enable SIP in CMakeLists.txt
Merge topic/seth/faf-updates.
BIT-1370 #merged
It's now using the shared code in asn1/asn1.pac. I also moved a few
more functions over there.
This required a little bit of surgery, hope I got it right. Tests pass
...
* origin/topic/vladg/kerberos: (27 commits)
Add Kerberos to NEWS.
Add Kerberos memleak btest.
Add Kerberos analyzer btest.
Update baselines for Kerberos analyzer.
Add known ports to krb/main.bro
KRB: Clean up krb.log a bit.
Kerberos: Remove debugging output.
Kerberos: Fix a memleak.
Kerberos: A couple small tweaks.
Kerberos: Fix parsing of the cipher in tickets, and add it to the log.
Kerberos: A couple more formatting fixes.
Change krb Info string to success bool
Clean up formatting.
Documentation update, and rework events a bit.
Add support for the SAFE message type.
Add support for AP_REQ, AP_REP, PRIV, and CRED message types.
Fix parsing error for KRB_Ticket_Sequence
Continue clean-up. Some reformatting, removing hard-coded values, documentation, etc.
Kerberos analyzer updates: - Split up the (quite length) krb-protocol.pac into krb-protocol, krb-defs, krb-types and krb-padata - Add some supporting types to get rid of awkward and difficult to read case true/false statements - Clean up the conversion code in krb-analyzer.pac
Improve Kerberos DPD and fix a few parse errors.
...
BIT-1369 #merged
