### Last broctl merge into trunk: r7098

############### Ready to merge and patch filed with tracker

- Fix for non-resuming workers. Closes #187.

  $Revisions: r6975,r6993 @suspend
 
  Status: Ready to merge. 

- The file_opened event is now consistlely raised for all fopen()
  calls.
  
  Status: Ready to merge.
  
################ Ready to merge but patch not yet filed with tracker.

################ For local use only (not need to merge into trunk).

- Including SVN revision number into version message.

  Status: Works.

  $Revisions: r4041,r4058,r4329 

- Two debugging aids:

  - If compiled with --enable-debug, Bro outputs its process limits
    (core file size, etc.) at startup.
    
  - New built-in abort() which calls the corresponding C function.

  Status: Works but probably not really worth merging into trunk. 

  $Revisions: r4815 

- Some machinery for benchmarking the time-machine interface.

  Status: Done but not really suitable for merging upstream. 

  $Revisions: r4929 

################ In-progress.

- Highly-experimental XML analyzer from Tobias.

      
      For the record, to get it running (this is all for FreeBSD;
      perhaps it's easier on Linux):
      
          * Install Xerces from http://xml.apache.org/xerces-c.
          Tested with version 2.7.0. Do not use the FreeBSD because 
          XQilla (see below) needs implementation files to compile.
          
            > cd xerces-c-src_2_7_0/src/xercesc
            > patch <see-below-for-patch # Patch required build wo/ threads on FBSD; they don't work.
            > export XERCESCROOT=<path-to-xerces-c-src_2_7_0>
            > ./runConfigure -pfreebsd -cgcc -xg++ -minmem -nsocket -tnative -P/usr/local
            > gmake
            > gmake install
            
            [# "install" Seems to work now
             > cd xerces-c-src_2_7_0/lib
             > cp * /usr/local/lib  # "make install" does not work for some reason.
            ]
            
          * Install XQilla from http://xqilla.sourceforge.net/HomePage.
          Tested with version 1.0.1.
          
            > cd XQilla-1.0.1
            > configure --with-xerces=/absolute/path/to/xerces-c-src_2_7_0 --prefix=/usr/local
            > make install
          
          This is the patch for Xerces:


          --- xerces-c-src_2_7_0/src/xercesc/runConfigure Wed Sep  7 08:55:53 2005
          +++ xerces-c-src_2_7_0-patched/src/xercesc/runConfigure Wed Jun 27 15:04:08 2007
          @@ -332,8 +332,8 @@
                          ;;
                   esac
               elif test $platform = "freebsd"; then
          -        threadingLibs="-pthread -lc_r"
          -        threadingDefines="-D_THREAD_SAFE -DXML_USE_PTHREADS"
          +        threadingLibs=""
          +        threadingDefines="-DAPP_NO_THREADS"
               elif test $platform = "netbsd"; then
                   threadingLibs="-pthread -lpthread"
                   threadingDefines="-D_THREAD_SAFE -DXML_USE_PTHREADS"


  Status: compiles if XML support in not compiled in. :-) Otherwise untested. 

  Revisions merged in from Tobias up to: r4648

  $Revisions: r4512,r4521,r4534,r4538,r4550,r4697 

- SOCKS v4 analyzer. 

  socks.bro is a port-independent SOCKS v4 analyzer which (1)
  detects SOCKS connection and extracts the the relay information,
  and (2) then passes the actual payload through Bro's standard
  protocol processing. 

  $Revisions: r5603,r5852

  Status: Experimental. 

- Logging the request number in http.log. With pipelined sessions,
  it otherwise not clear which log lines belong to which request.

  Note that this introduces an additional field into http.log and 
  might therefore break scripts parsing it. Perhaps we should make
  this optionable. 

  $Revisions: r5855,r5905

  Status: Under test. 

- Work-around for an apparent bug in the serialization code. In some
  (rather rare) cases, Bro crashes during serializing persistent
  state. I suspect the problem to be somewhere in the incremental
  table serialization; once that is disabled, I don't see the
  crashes anymore. So, as a work-around I'm temporarily disabling
  incremental serialization until that it's fixed.  Will investigate
  further. 
  
  $Revisions: r6502

  Status: temporary work-around

################ Deferred.
    
- Using autoconf to figure out whether we have stdint.h.
    
  Status: Deferred, due to autoconf bloat. Reconsider when we need
  more from stdint.h.
        
  $Revisions: r3746
                
- Append_addl* functions reduce the string to a reasonalbe length.

  Status: Deferred, due to portmapper.bro putting lots of stuff into
  addl. Reconsider when portmapper got its own log-file.
    
  $Revisions: r3747
                
- Code to debug communication issues. There are some occasional
  internal errors in the cluster setup which appear to be due to
  nodes' communication getting out of sync. 
  
  This patch adds a compile-time option DEBUG_COMMUNICATION which
  in such cases dumps the most recently transmitted data to disk.
  Hopefully this will shed some light on what's going on. 
  
  Default is off.
  
  (Note that this does *not* require compilation with --enable-debug).
  
  Status: This has been removed for now. 

  $Revisions: r5389,r5391,r5410