############## Ready to merge.

################ For local use only (no need to merge into trunk).

- Including SVN revision number into version message.

  Status: Works.
  $Revisions: r4041,r4058,r4329

- Two debugging aids:

    - If compiled with --enable-debug, Bro outputs its process limits
      (core file size, etc.) at startup.

    - New built-in abort() which calls the corresponding C function.

  Status: Works but probably not really worth merging into trunk.
  $Revisions: r4815

- Some machinery for benchmarking the time-machine interface.

  Status: Done but not really suitable for merging upstream.
  $Revisions: r4929

- Code to debug communication issues. There are some occasional
  internal errors in the cluster setup which appear to be due to
  nodes' communication getting out of sync. This patch adds a
  compile-time option DEBUG_COMMUNICATION which in such cases dumps
  the most recently transmitted data to disk. Hopefully this will shed
  some light on what's going on. Default is off. (Note that this does
  *not* require compilation with --enable-debug).

  Status: Experimental
  $Revisions: r5389,r5391,r5410

################ In-progress.

- Script suite for cluster management in aux/cluster.

  Status: work in progress. I'm not going to maintain a revision list
  for this; all work will be confined to this subdirectory.

- Highly-experimental XML analyzer from Tobias.

  For the record, to get it running (this is all for FreeBSD; perhaps
  it's easier on Linux):

  * Install Xerces from http://xml.apache.org/xerces-c. Tested with
    version 2.7.0. Do not use the FreeBSD because XQilla (see below)
    needs implementation files to compile.

      > cd xerces-c-src_2_7_0/src/xercesc
      > patch export XERCESCROOT=
      > ./runConfigure -pfreebsd -cgcc -xg++ -minmem -nsocket -tnative -P/usr/local
      > gmake
      > gmake install

      [# "install" Seems to work now
      > cd xerces-c-src_2_7_0/lib
      > cp * /usr/local/lib # "make install" does not work for some reason.
      ]

  * Install XQilla from http://xqilla.sourceforge.net/HomePage.
    Tested with version 1.0.1.

      > cd XQilla-1.0.1
      > configure --with-xerces=/absolute/path/to/xerces-c-src_2_7_0 --prefix=/usr/local
      > make install

  This is the patch for Xerces:

--- xerces-c-src_2_7_0/src/xercesc/runConfigure Wed Sep 7 08:55:53 2005 +++ xerces-c-src_2_7_0-patched/src/xercesc/runConfigure Wed Jun 27 15:04:08 2007
@@ -332,8 +332,8 @@ ;; esac elif test $platform = "freebsd"; then - threadingLibs="-pthread -lc_r" - threadingDefines="-D_THREAD_SAFE -DXML_USE_PTHREADS" + threadingLibs="" + threadingDefines="-DAPP_NO_THREADS" elif test $platform = "netbsd"; then threadingLibs="-pthread -lpthread" threadingDefines="-D_THREAD_SAFE -DXML_USE_PTHREADS"

  Status: compiles if XML support is not compiled in. :-) Otherwise
  untested. Revisions merged in from Tobias up to: r4648
  $Revisions: r4512,r4521,r4534,r4538,r4550,r4697

- SOCKS v4 analyzer. socks.bro is a port-independent SOCKS v4 analyzer
  which (1) detects SOCKS connections and extracts the relay
  information, and (2) then passes the actual payload through Bro's
  standard protocol processing.

  $Revisions: r5603,r5852
  Status: Experimental.

- Logging the request number in http.log. With pipelined sessions, it
  is otherwise not clear which log lines belong to which request. Note
  that this introduces an additional field into http.log and might
  therefore break scripts parsing it. Perhaps we should make this
  optional.

  $Revisions: r5855,r5905
  Status: Under test.

- Fine-tuning reporting of DPD's protocol violations:

  * Analyzer::ProtocolViolation() method can now get passed the
    offending data (which POP3, SMTP, and FTP now do). This
    information is added to the "reason" string passed to the script
    level.

  * Fine-tuning when SMTP reports a violation.

  * FTP stops processing when client & server successfully negotiate
    an AUTH scheme.

  * Analyzer::ProtocolViolation() is virtual and
    TCP_ApplicationAnalyzer overrides it to not report violations for
    any partial connections because very likely it was just the
    analyzer which got confused.

  * TCP::IsPartial() returns true if any side did not start with a SYN
    packet (used to be just orig). NOTE: This might change some other
    semantics as well. Need to run test-suite.

  * higher &priority for connection_state_remove handler in conn.bro
    so that other handlers for the same event can use
    determine_service() and already see any changes it performs.

  $Revisions: r6056,r6061
  Status: Under test.

################ Deferred.

- Using autoconf to figure out whether we have stdint.h.

  Status: Deferred, due to autoconf bloat. Reconsider when we need
  more from stdint.h.
  $Revisions: r3746

- Append_addl* functions reduce the string to a reasonable length.

  Status: Deferred, due to portmapper.bro putting lots of stuff into
  addl. Reconsider when portmapper got its own log-file.
  $Revisions: r3747
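
Review bot: In the Xerces runConfigure patch under the XML analyzer
entry (hunk at line 332, the freebsd branch), threading is switched off
for every FreeBSD build by setting threadingLibs="" and
threadingDefines="-DAPP_NO_THREADS", but neither the patch nor the
install notes say why. Add a comment in that branch, or a sentence in
the XML analyzer entry, stating the reason. It is also worth noting
there that the library is then built without -D_THREAD_SAFE and
-DXML_USE_PTHREADS and, per the runConfigure call with -P/usr/local,
installed system-wide, so other software linking against it gets a
Xerces without thread support.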