* origin/topic/seth/fix-compiler-warnings:
Fixed problem with PRI macros.
PRI macros are currently not working for some reason.
Two more small compile time error fixes.
Cleaned up the output from running binpac.
Added line to expect shift/reduce errors in parse.in
Cleaned up g++ warnings.
Addition: I fixed a few more warnings I was getting, and tweaked some
of the existing changes slightly.
* remotes/origin/topic/robin/work:
*Now* this passes the test suite.
Fixes to SSL/TLS analyzer
Added new TLS ciphers
Removing some apparently unnecessary lines.
A few smaller tweaks.
Prepared the old analyzer for extracting SSL extensions.
Fixed bug in do_split implementation.
Removed an accidental debugging printf.
Readded the other changes to remove CheckString calls from strings.bif.
Fixed the problem with do_split function which caused it to bail 1 separator early.
Modification from rmkml to support SSL extensions.
Updated SSL analyzer and Bro script with lots of new ciphers.
* remotes/origin/topic/seth/strings-without-checkstring:
*Now* this passes the test suite.
Removing some apparently unnecessary lines.
A few smaller tweaks.
Fixed bug in do_split implementation.
Removed an accidental debugging printf.
Readded the other changes to remove CheckString calls from strings.bif.
Fixed the problem with do_split function which caused it to bail 1 separator early.
* origin/topic/seth/ssl-analyzer-work:
Fixes to SSL/TLS analyzer
Added new TLS ciphers
Prepared the old analyzer for extracting SSL extensions.
Modification from rmkml to support SSL extensions.
Updated SSL analyzer and Bro script with lots of new ciphers.
This is per #375.
Record types can now get additional fields later via '+='. The added
fields must however either be &optional or have a &default value.
Example:
type Foo: record {
a: count;
b: count &optional;
};
redef record Foo += {
c: count &default=42;
d: count &optional;
};
global f: Foo = [$a=21];
print f;
Output:
[a=21, b=<uninitialized>, c=42, d=<uninitialized>]
table/set indices.
This addresses #367. In principle, the fix is quite straightford.
However, it turns out that sometimes record fields lost their
attributes on assignment, and then the hashing can't decide anymore
whether a field is optional or not. So that needed to be fixed as
well.
I got the last fix wrong and I was still misunderstanding
one behavior of the existing do_split function. When a
separator match goes to the last character of the string,
a blank string element should be appended to the
string_array to indicate that a successful split occurred.
Analyzer can cope with zero length client and server
certificates. It does still generate a weird though.
Extended cipherspec_size weirds are not thrown anymore,
they are incredibly overwhelming and should be handled
completely at the scripting in my opinion.
Integrated and expanded on patch Rmkml from ticket #209
that fixes problem with not parsing or expecting SSL
extensions. SSL extensions still are not extracted
and passed to script land, but the analyzer doesn't
fail anymore.
Added an extra dependency to the dce_rpc pac files
and running binpac with the -q (quiet) flag which
requires changes to binpac which will be committed
soon.
* remotes/origin/topic/bro_dns_fake_message:
Reworded BRO_DNS_FAKE message.
Added a BRO_DNS_FAKE message to the help output.
Changed to show on/off rather than the variable's content.
* origin/fastpath:
Removing noisy output about doing incremental serialization. Addresses #292.
Loading scan.bro in portmappter.bro, per #330.
Connection compressor fix from #338.
Working around not being able to do lookup_addr() for IPv6 addresses.
IPv6 UDP checksum calculation was broken. (Matti Mantere)
Fix for portmapper analyzer segfaulting when parsing portmap dump replies. (Gregor Maier)
Keep buffering state across file rotation (Justin Azoff)
