When defining a function, remember the location where the function header
was and restore it before calling `end_func()`. Inside `end_func()`, a
`BroFunc` object is created using the current global location information.
This came up while experimenting with zeek script profiling and wondering
why the locations set for `BroFunc` were "somewhere" in the middle of
functions instead of spanning them.
During merge I split the test for bro_init/bro_done/bro_script_loaded
event errors into individual tests since the other testing of the zeek
versions of those events seemed fine to otherwise keep.
* origin/topic/robin/631-deprecation-v2:
Update NEWS for naming changes.
Small cleanup and updating submodules.
Remove test for legacy plugin.
Remove legancy symlinks in aux/.
Add warnings when loading scripts ending in ".bro", or using legacy environment variables.
Fix missing rename.
No longer symlink local.zeek to local.bro.
Update notice user agent.
Remove old_comm_usage_is_ok.
Remove bro-config.h.in and bro-path-dev.in.
Change Bro wrapper script to now abort when old executable names are still used.
Remove APIs that were explicitly deprecated to be removed in 3.1.
* origin/topic/jsiwek/supervisor: (44 commits)
Add note that Supervisor script APIs are unstable until 4.0
Move command-line arg parsing functions to Options.{h,cc}
Add btests for supervisor stem/leaf process revival
Move supervisor control events into SupervisorControl namespace
Fix supervisor "destroy" call on nodes not currently alive
Move supervisor source files into supervisor/
Address supervisor code re-factoring feedback from Robin
Convert supervisor internals to rapidjson
Add Supervisor documentation
Add supervisor btests
Improve logging of supervised node errors
Fix supervised node inheritence of command-line script paths
Improve normalize_path() util function
Use a timer to check for death of supervised node's parent
Improve supervisor checks for parent process termination
Improve handling of premature supervisor stem exit
Improve supervisor signal handler safety
Remove unused supervisor config options
Cleanup minor Supervisor TODOs
Improve supervisor debug logging
...
- Removed the superfluous check for C++17 in the merge since that's
a requirement enforced at the CMake-level.
* 'getrandom' of https://github.com/MaxKellermann/zeek:
util: use getrandom() on Linux if available
Unlike /dev/urandom, getrandom() doesn't need a file descriptor and
works when there is no /dev. It requires Linux 3.17 and glibc 2.25,
but there is a fallback to the old code.
For simplicity, this patch uses __has_include() to detect the
availability of this API, but maybe we should move that to cmake.
(It might be useful to refactor the whole random gathering code to a
separate function.)
Adds a weird, "invalid_kerberos_addr_len", for invalid kerberos host
address lengths and also fixes a memory leak when processing KRB_KDC_REQ
and KRB_KDC_REP messages for message types that do not match a
known/expected type.
We now have an &broker_store attribute which automatically sends
inserts/deletes into a set/table to broker.
This might work - I actually did not test if the data ends up in the
broker store in the end. A limitation is that the table/set currently
only can have a one-element type since Broker doesn't support the list
type.
This would mistakenly have the Stem process kill itself due to giving
PID 0 as argument to kill() where it really was being used to mean "that
node does not currently have any live process associated with it" and so
can just be removed without trying to kill/reap.
Tweaks:
- Small change to the logic for removing quotes around strings.
- Updated NEWS & COPYING.3rdparty
- Use of intrusive_ptr for stack-allocated StringVals
- Little bit of refactoring (I would love to merge the two BuildJSON() functions, too, but that's a larger task)
* origin/topic/timw/595-rapidjson:
Use the list of files from clang-tidy when searching for unit tests
Optimize json_escape_utf8 a bit by removing repeated calls to string methods
Expand unit test for json_escape_utf8 to include all of the strings from the ascii-json-utf8 btest
GHI-595: Convert from nlohmann/json to rapidjson for performance reasons
Convert type-checking macros to actual functions
* origin/topic/timw/bit-fields:
Use bools instead of single-bit bitfields in Ident and TCP protocol analyzers
Bit of code-modernization cleanup in BroString
Use fixed types in NetbiosSSN.h and Timer.h instead of bit fields
They're now converting to absolute paths in the argument parsing phase
such that if a supervised node switches working directory, it can still
load the referenced script.
