mirror of
https://github.com/zeek/zeek.git
synced 2025-10-03 15:18:20 +00:00
984e9793db
* origin/topic/seth/faf-updates: (27 commits) Undoing the FTP tests I updated earlier. Update the last two btest FAF tests. File analysis fixes and test updates. Fix a bug with getting analyzer tags. A few test updates. Some tests work now (at least they all don't fail anymore!) Forgot a file. Added protocol description functions that provide a super compressed log representation. Fix a bug where orig file information in http wasn't working right. Added mime types to http.log Clean up queued but unused file_over_new_connections event args. Add jar files to the default MHR lookups. Adding CAB files for MHR checking. Improve malware hash registry script. Fix a small issue with finding smtp entities. Added support for files to the notice framework. Make the custom libmagic database a git submodule. Add an is_orig parameter to file_over_new_connection event. Make magic for emitting application/msword mime type less strict. Disable more libmagic builtin checks that override the magic database. ... Conflicts: doc/scripts/DocSourcesList.cmake scripts/base/init-bare.bro scripts/test-all-policy.bro testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
47 lines
1 KiB
Text
47 lines
1 KiB
Text
##! Utilities specific for FTP processing.
|
|
|
|
@load ./main
|
|
@load base/utils/addrs
|
|
|
|
module FTP;
|
|
|
|
export {
|
|
## Creates a URL from an :bro:type:`FTP::Info` record.
|
|
##
|
|
## rec: An :bro:type:`FTP::Info` record.
|
|
##
|
|
## Returns: A URL, not prefixed by "ftp://".
|
|
global build_url: function(rec: Info): string;
|
|
|
|
## Creates a URL from an :bro:type:`FTP::Info` record.
|
|
##
|
|
## rec: An :bro:type:`FTP::Info` record.
|
|
##
|
|
## Returns: A URL prefixed with "ftp://".
|
|
global build_url_ftp: function(rec: Info): string;
|
|
|
|
## Create an extremely shortened representation of a log line.
|
|
global describe: function(rec: Info): string;
|
|
}
|
|
|
|
function build_url(rec: Info): string
|
|
{
|
|
if ( !rec?$arg )
|
|
return "";
|
|
|
|
local comp_path = build_path_compressed(rec$cwd, rec$arg);
|
|
if ( comp_path[0] != "/" )
|
|
comp_path = cat("/", comp_path);
|
|
|
|
return fmt("%s%s", addr_to_uri(rec$id$resp_h), comp_path);
|
|
}
|
|
|
|
function build_url_ftp(rec: Info): string
|
|
{
|
|
return fmt("ftp://%s", build_url(rec));
|
|
}
|
|
|
|
function describe(rec: Info): string
|
|
{
|
|
return build_url_ftp(rec);
|
|
}
|