[Bro] setting a connection "service" in a signature

[Stephane Chazelas]

2012-08-23 11:11:30 +0100, Stephane Chazelas:
> 2012-08-22 21:44:24 +0100, Stephane Chazelas:
> [...]
> > Here is a simple way. It just uses the "service" flag of a bro
> > "connection" to mark the fact it is skype traffic.
> [...]
> 
> Oh well, sorry, I spoke too soon. That makes bro crash.

If I change it to:

function mark_conn_as_skype(state: signature_state): bool
        {
	# use a temp var to prevent bro from crashing
        local srv = state$conn$service;
        add srv["skype"];
        return T;
        }


Then, it longer crashes and seems to work fine.

-- 
Stephane