Commit graph

6667 commits

Author SHA1 Message Date
Robin Sommer
4bdb94955d Merge remote branch 'origin/topic/seth/ssl-binpac'
* origin/topic/seth/ssl-binpac:
  Fixed bug due to vectors now initially indexed on 0.
  Finished core support for new SSL analyzer.
  SSL analyzer changes with accompanying BiF.
  A table_s_of_s type to get around bifcl type limitation.
  Regenerated the Mozilla CA bundle without the untrusted server authentication certs.
  Complete rewrite to SSL analyzer.

Conflicts:
	src/AnalyzerTags.h
	src/CMakeLists.txt

Notes:

    - Haven't looked at the script-level, postponed to
      policy-scripts-new.

    - I renamed X509Extension to X509_extension for consistency.
2011-06-07 10:12:25 -07:00
Robin Sommer
6e6af4c541 Merge remote branch 'origin/topic/seth/syslog-analyzer'
Note: I didn't merge anything in policy/*. Seems there was some
unrelated stuff in there, and the ticket says that the policy script
was a dummy for now anyway.

* origin/topic/seth/syslog-analyzer:
  Updates for syslog analyzer to prepare it for merging.
  Added the initial syslog analyzer and policy script.
  Adding some of the initial scripts that are going to be merged from my script repository.
2011-06-05 18:37:48 -07:00
Seth Hall
6322130c37 Updates for syslog analyzer to prepare it for merging.
- Integrated with CMake.
- Analyzer only supports syslog over UDP right now.
- Fixed small bug in the analyzer to make it generate events correctly.
2011-06-03 10:28:10 -04:00
Seth Hall
b621b8eccc Merge remote branch 'origin/master' into topic/seth/syslog-analyzer
Conflicts:
	src/Analyzer.cc
	src/Makefile.am
2011-06-03 09:38:23 -04:00
Seth Hall
72f2472d1d Updates for the pcap.bro script.
- The install_pcap_filter BiF no longer will prevent
  a filter from being installed if a -f filter was
  provided.  This was already causing a problem where
  command line supplied filters weren't working.
  The pcap.bro script is now where the filter update
  limitation is placed making it possible for users
  to still update the filter at runtime if they really
  want to.
2011-06-03 07:50:30 -04:00
Seth Hall
fbf207deda Merge remote branch 'origin/master' into topic/policy-scripts-new 2011-06-03 07:38:28 -04:00
Robin Sommer
fac328685b @load now supports loading a directory.
With a directory "foo" somewhere in BROPATH, "@load foo" now checks if
there's a file "foo/__load__.bro". If so, it reads that file in. (If
not, Bro reports the same error as before, complaining that it can't
read a directory).
2011-06-02 21:57:24 -07:00
Robin Sommer
5c0704eec8 ASCII logger now escapes non-printable characters.
Closes #450.
2011-06-01 22:33:44 -07:00
Robin Sommer
909c5daf6c Revert "Setting the snaplen to 0 to capture the full packet regardless of size."
This reverts commit fe274c3e64.
2011-06-01 11:27:53 -07:00
Seth Hall
fe274c3e64 Setting the snaplen to 0 to capture the full packet regardless of size.
In my limited testing this seemed to work fine but we should
make an actual test for this eventually.
2011-05-25 13:37:21 -04:00
Seth Hall
19c9aaebb9 Fixed bug due to vectors now initially indexed on 0. 2011-05-24 10:08:17 -04:00
Seth Hall
15bfa23ce1 Merge remote branch 'origin/master' into topic/seth/ssl-binpac
Conflicts:
	src/bro.bif
2011-05-23 17:09:41 -04:00
Seth Hall
6918c225db Finished core support for new SSL analyzer.
- Certificate and certificate chain validation is now done
  fully in policy script land.  The script to do this will
  be written in the new policy scripts branch once this is
  merged.

- Removed hand written SSL analyzer.

- Rewrote and reworked much of the BinPAC SSL analyzer.
2011-05-23 17:04:27 -04:00
Seth Hall
a57e50da35 SSL analyzer changes with accompanying BiF.
- Full DER certificates are extracted as strings to be used with
  corresponding BiFs.
- x509_verify function to verify single certs and/or full certificate chains.
2011-05-23 14:54:52 -04:00
Jon Siwek
f0143c3c5f Merge branch 'master' into topic/policy-scripts-new 2011-05-18 11:44:45 -05:00
Robin Sommer
b829c269ff Merge remote branch 'origin/fastpath'
* origin/fastpath:
  Fix reST markup generated for record redefs.
  Fixes for more doc mode corner cases caused by type cloning.

Jon, I added the line below, please double-check.

diff --git a/src/Var.cc b/src/Var.cc
index 7880325..00ac734 100644
--- a/src/Var.cc
+++ b/src/Var.cc
@@ -260,6 +260,7 @@ void add_type(ID* id, BroType* t, attr_list* attr, int /* is_event */)
 			tnew = new FuncType(t->AsFuncType()->Args(),
 			                    t->AsFuncType()->YieldType(),
 			                    t->AsFuncType()->IsEvent());
+			break;
 		default:
 			SerializationFormat* form = new BinarySerializationFormat();
 			form->StartWrite();
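Review bot: The `break;` inserted after the `FuncType` construction is the right fix here, since without it that case falls straight into `default:`, where a `BinarySerializationFormat` write is started and the freshly built `tnew` would be handled by the generic cloning path instead; a short comment marking the end of the `FuncType` case, and a quick check that the remaining cases of this `switch` in `add_type()` also end in `break;`, would make the intent obvious to the next reader.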
2011-05-18 09:06:41 -07:00
Jon Siwek
73a18714b3 Fix reST markup generated for record redefs.
They should have been using reST roles to xref the original record type
instead of a reST directive to declare a new type.
2011-05-17 15:27:45 -05:00
Jon Siwek
d69c3edf21 Fixes for more doc mode corner cases caused by type cloning.
"shallow" copying has to be done for any type that can contain
record types in order to accommodate record redefs that add fields.
2011-05-17 15:03:40 -05:00
Jon Siwek
56a946568a More changes to how Bro generates docs for scripts in subdirs of BROPATH
The output reST filename now reflects the subdir information (by flattening
'/' path separators into the '^' character).  This is to prevent file name
conflicts when generating reST docs, but during the CMake 'doc' target to
build HTML docs, everything gets unflattened.
2011-05-16 20:17:58 -05:00
Jon Siwek
e608aae0ba Merge remote-tracking branch 'origin/master' into topic/policy-scripts-new 2011-05-16 13:59:02 -05:00
Robin Sommer
1199085b27 An extension to the ICMP analyzer to handle redirects.
The analyzer now raises icmp_redirect() events that come with the
redirection address.

By Julien Sentier.
2011-05-13 18:47:50 -07:00
Gregor Maier
cbf3390762 Merge branch 'fastpath' of ssh://git.bro-ids.org/bro into fastpath 2011-05-13 08:07:23 -07:00
Jon Siwek
70e14cb7d5 Fix CommentedTypeDecl to track whether it's in a record like TypeDecl does. 2011-05-12 19:55:26 -05:00
Jon Siwek
6b7e300e0b Remove unused events 'bro_signal' and 'no_handler' 2011-05-12 13:00:22 -05:00
Jon Siwek
68784634ff Fixing doc tests in the btest suite.
- reduce number of docs generated by `make doc`; will add as they're reviewed

- Conforming to new Notice::Type enum for notices
2011-05-12 11:21:20 -05:00
Robin Sommer
4ed9969f83 Fixing bug with uninitialized counter. 2011-05-10 20:54:24 -07:00
Robin Sommer
69391afc42 A hack to report missing GeoIP support only once.
This closes #357, but #455 captures the need for a more general
solution.
2011-05-10 18:29:05 -07:00
Robin Sommer
63f7359e1e Bugfix: vectors in records were not initialized.
Closes #421.
2011-05-10 18:19:27 -07:00
Robin Sommer
ee872c12c8 New bif bro_has_ipv6() to check whether IPv6 support is compiled in. 2011-05-10 18:02:10 -07:00
Robin Sommer
d1db768624 Fix for major bug in POP3 analyzer, which didn't recognize '.'
terminators in multi-line replies if the terminator was bare (no
newline). This caused it to ignore the rest of the session that it's
analyzing.

Patch from #444 by Vern.
2011-05-10 17:11:01 -07:00
Gregor Maier
c24f3391a3 Fix compiler warning with gcc-4.4.4 2011-05-10 12:31:53 -07:00
Robin Sommer
5cd6394916 Merge remote branch 'remotes/origin/topic/jsiwek/doc-framework'
* remotes/origin/topic/jsiwek/doc-framework:
  Adding example documentation for a script's use of logging features.
  Adding &log attribute to static attr_names array.
  Small typo fix.
  Bro doc mode now tracks record redefs that extend its field list.
  BroBifDoc was unneeded; now dead code, so removed.
  Bro doc mode now only does a "shallow" copy of declared record types
  Bro's doc mode now terminates after processing bro_init but before net_run
  Fixes related to `make doc` handling of script summary text (##! comments)
  Overhaul of "doc" build target for generating policy script documentation.
  Add parser error hint when in doc mode about checking ## comment syntax.
  Move stuff related to policy script documentation from doc/ to doc/scripts/
  Fixing example.bro's auto-reST generation baseline test.
2011-05-09 19:02:39 -07:00
Robin Sommer
bd9855a380 Merge of Gregor's conn-size branch.
If 'use_conn_size_analyzer' is true, the event engine tracks the number of
packets and raw IP bytes per connection. If report_conn_size_analyzer
is true, these values are included as four new columns in conn.log.

I changed conn.bro so that the value of report_conn_size_analyzer
follows that of use_conn_size_analyzer. For the new conn.log, we
probably want to get rid of report_conn_size_analyzer anyway.
2011-05-09 17:14:31 -07:00
Jon Siwek
35b7caf44f Fix compile errors possible on some platforms.
Include <algorithm> in some sources that require it; addresses #430

Places where STL's min() template function could get used with
arguments of differing types can fail to deduce the right template type.
These are fixed with some type tweaking of local variables and also
giving an explicit template argument for good measure.
2011-05-08 19:53:41 -05:00
Jon Siwek
2a21ebba2e Adding &log attribute to static attr_names array. 2011-05-06 18:52:23 -05:00
Jon Siwek
cf0a542f7c Bro doc mode now tracks record redefs that extend its field list. 2011-05-05 10:43:15 -05:00
Jon Siwek
aec63df90f BroBifDoc was unneeded; now dead code, so removed. 2011-05-04 22:01:01 -05:00
Jon Siwek
6d867cf999 Bro doc mode now only does a "shallow" copy of declared record types
This is necessary so that the cloned type will be able to see additions
to the original type's list of fields
2011-05-04 21:53:51 -05:00
Jon Siwek
d919ebed58 Bro's doc mode now terminates after processing bro_init but before net_run
Generated script reST documentation is also written out at this time
instead of at the end of lexical scanning.

The persistence serializer will no longer write out Bro's state to the
.state directory when in doc mode.
2011-05-04 21:33:21 -05:00
Jon Siwek
481a1d097b Merge branch 'master' into topic/jsiwek/doc-framework 2011-05-04 19:38:03 -05:00
Robin Sommer
4aa844aa87 Switching vectors from being 1-based to 0-based.
This is obviously a change that breaks backwards-compatibility. I hope
I caught all cases where vectors are used ...

I've completely removed the VECTOR_MIN constant. Turns out that was
already not working: some code pieces were nevertheless hard-coding
the 1-based indexing ...
2011-05-02 17:10:18 -07:00
Jon Siwek
7490095e42 Merge branch 'master' into topic/jsiwek/doc-framework 2011-05-02 15:50:21 -05:00
Jon Siwek
ceaba8077b Fixes related to make doc handling of script summary text (##! comments)
- Summary comments (##!) can now be placed at the beginning of
BiF files (but still outside C segments).  An issue was fixed where
these comments would mistakenly be transferred into the generated
.func_def file and cause a compile error. I completely removed writing
any opt_ws value into the .func_def file because it was currently not
writing anything besides whitespace.

- The generation of reST for the collecting of "groups" of policy
script documentation now happens at build time of `make doc` through the
use of a helper script rather than doing this at configure time so that
changes to summary text will always be reflected in the documentation.
2011-05-02 15:34:34 -05:00
Jon Siwek
54e9946fc7 Merge branch 'master' into topic/jsiwek/doc-framework 2011-05-02 12:23:56 -05:00
Robin Sommer
eed759b7b5 Increasing serialization format version for the recent 64-bit changes. 2011-05-02 08:43:55 -07:00
Robin Sommer
9ddc26328d Support for (mixed) MPLS and VLAN traffic, and a new default BPF
filter. (Seth Hall and Robin Sommer)

- Merging in the patch from #264, which provides support for mixed
  VLAN and MPLS traffic.

- Changing Bro's default filter from being built dynamically to being
  a static "ip or not ip". To get the old behaviour back (i.e., the
  dynamically built filter), redef "all_packets" to false.

- print-filter.bro now always prints the filter that Bro is actually
  using, even if overridden from the command line.
2011-04-29 09:10:43 -07:00
Robin Sommer
b01aa66fe6 Fixing some more format strings. 2011-04-27 21:31:23 -07:00
Robin Sommer
714289bd13 Changing the HTTP analyzer's internals to use 64-bit integers.
(Gregor Maier).

This is the patch from #326, plus some cleanup.
2011-04-27 21:25:51 -07:00
Jon Siwek
f10d2e10ea Overhaul of "doc" build target for generating policy script documentation.
It's now all implemented in CMake scripting.

The generation of reST docs is now a distinct target, "restdoc", while
the target to generate HTML docs, "doc", depends on "restdoc".  reST doc
generation supports incremental builds (documentation for a given policy
script is only regenerated when it is out of date), but HTML doc generation
via ``make doc`` is not incremental (Sphinx always starts with fresh input).

Building the "restdoc" target is now covered by a btest to ensure all
policy scripts are parse-able when Bro is in "doc mode".

Generated reST docs should now support "@load"ing from subdirectories.  e.g.
"@load foo/baz" and "@load bar/baz" will now generate the right xref links.
2011-04-26 22:13:04 -05:00
Jon Siwek
9875c2ba9c Merge branch 'master' into topic/jsiwek/doc-framework 2011-04-26 10:27:06 -05:00