Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'topic/christian/zeekygen-parse-only'

Browse source 
* topic/christian/zeekygen-parse-only:
  Fix a typo.
  Update NEWS for Zeekygen parse-only change.
  Remove adjustments and custom terminate() for Zeekygen invocation.
  Suppress warnings on deprecated DPD scripts during Zeekygen
  Stop suppressing stdout during Zeekygen docs generation
  Make Zeekygen docs generation (-X) imply parse-only (-a)
This commit is contained in:
Christian Kreibich 2025-06-06 10:43:07 -07:00
commit b95f1b0925
9 changed files with 26 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

4
CHANGES
View file

@ -1,3 +1,7 @@
8.0.0-dev.389 | 2025-06-06 10:43:07 -0700
* Make Zeekygen docs generation (-X) imply parse-only (-a) (Christian Kreibich, Corelight)
8.0.0-dev.382 | 2025-06-06 17:33:39 +0200 8.0.0-dev.382 | 2025-06-06 17:33:39 +0200
* Fix `&ordered` attribute not preserved in table initializer assignments (赵富鹏) * Fix `&ordered` attribute not preserved in table initializer assignments (赵富鹏)

3
NEWS
View file

@ -156,6 +156,9 @@ Changed Functionality
- `detect-protocol.zeek was the last non-deprecated policy script left in - `detect-protocol.zeek was the last non-deprecated policy script left in
`frameworks/dpd`. It was moved to `frameworks/analyzer/detect-protocol.zeek`. `frameworks/dpd`. It was moved to `frameworks/analyzer/detect-protocol.zeek`.
- Running Zeek with Zeekygen for documentation extraction (-X|--zeekygen
<cfgfile>) now implies -a, i.e., parse-only mode.
Removed Functionality Removed Functionality
--------------------- ---------------------

2
VERSION
View file

@ -1 +1 @@
8.0.0-dev.382 8.0.0-dev.389

2
ci/update-zeekygen-docs.sh
View file

@ -28,7 +28,7 @@ cd $build_dir
export ZEEK_SEED_FILE=$source_dir/testing/btest/random.seed export ZEEK_SEED_FILE=$source_dir/testing/btest/random.seed
function run_zeek { function run_zeek {
ZEEK_ALLOW_INIT_ERRORS=1 zeek -X $conf_file zeekygen >/dev/null ZEEK_ALLOW_INIT_ERRORS=1 zeek -X $conf_file zeekygen
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Failed running zeek with zeekygen config file $conf_file" >&2 echo "Failed running zeek with zeekygen config file $conf_file" >&2

2
scripts/base/frameworks/analyzer/dpd.zeek
View file

@ -1,4 +1,4 @@
##! Disables analyzers if protocol violations occur, and add service information ##! Disables analyzers if protocol violations occur, and adds service information
##! to connection log. ##! to connection log.
@load ./main @load ./main

24
scripts/zeekygen/__load__.zeek
View file

@ -2,7 +2,12 @@
# Scripts which are commented out in test-all-policy.zeek. # Scripts which are commented out in test-all-policy.zeek.
@load frameworks/analyzer/deprecated-dpd-log.zeek @load frameworks/analyzer/deprecated-dpd-log.zeek
# Remove in v8.1: replaced by frameworks/analyzer/detect-protocols.zeek
@pragma push ignore-deprecations
@load frameworks/dpd/detect-protocols.zeek @load frameworks/dpd/detect-protocols.zeek
@pragma pop ignore-deprecations
@load protocols/ssl/decryption.zeek @load protocols/ssl/decryption.zeek
@ifdef ( Cluster::CLUSTER_BACKEND_ZEROMQ ) @ifdef ( Cluster::CLUSTER_BACKEND_ZEROMQ )
@load frameworks/cluster/backend/zeromq/connect.zeek @load frameworks/cluster/backend/zeromq/connect.zeek
@ -10,7 +15,12 @@
@load frameworks/cluster/nodes-experimental/manager.zeek @load frameworks/cluster/nodes-experimental/manager.zeek
@load frameworks/control/controllee.zeek @load frameworks/control/controllee.zeek
@load frameworks/control/controller.zeek @load frameworks/control/controller.zeek
# Remove in v8.1: replaced by frameworks/analyzer/packet-segment-logging.zeek
@pragma push ignore-deprecations
@load frameworks/dpd/packet-segment-logging.zeek @load frameworks/dpd/packet-segment-logging.zeek
@pragma pop ignore-deprecations
@load frameworks/management/agent/main.zeek @load frameworks/management/agent/main.zeek
@load frameworks/management/controller/main.zeek @load frameworks/management/controller/main.zeek
@load frameworks/management/node/__load__.zeek @load frameworks/management/node/__load__.zeek
@ -30,17 +40,3 @@
@endif @endif
@load ./example.zeek @load ./example.zeek
event zeek_init() &priority=1000
{
# Disable events in modules that use zeek_init() to do stuff and may
# fail when run under zeekygen. For the purpose of zeekygen, we could
# probably disable all modules, too.
disable_module_events("Control");
disable_module_events("Cluster::Backend::ZeroMQ");
disable_module_events("Cluster::Experimental");
disable_module_events("Management::Agent::Runtime");
disable_module_events("Management::Controller::Runtime");
disable_module_events("Management::Node");
terminate();
}

2
src/Options.cc
View file

@ -133,7 +133,7 @@ void usage(const char* prog) {
printf(" -T|--re-level <level> | set 'RE_level' for rules\n"); printf(" -T|--re-level <level> | set 'RE_level' for rules\n");
printf(" -U|--status-file <file> | Record process status in file\n"); printf(" -U|--status-file <file> | Record process status in file\n");
printf(" -W|--watchdog | activate watchdog timer\n"); printf(" -W|--watchdog | activate watchdog timer\n");
printf(" -X|--zeekygen <cfgfile> | generate documentation based on config file\n"); printf(" -X|--zeekygen <cfgfile> | generate documentation based on config file; implies -a\n");
#ifdef USE_PERFTOOLS_DEBUG #ifdef USE_PERFTOOLS_DEBUG
printf(" -m|--mem-leaks | show leaks [perftools]\n"); printf(" -m|--mem-leaks | show leaks [perftools]\n");

6
src/zeek-setup.cc
View file

@ -641,6 +641,10 @@ SetupResult setup(int argc, char** argv, Options* zopts) {
auto zeekygen_cfg = options.zeekygen_config_file.value_or(""); auto zeekygen_cfg = options.zeekygen_config_file.value_or("");
zeekygen_mgr = new zeekygen::detail::Manager(zeekygen_cfg, zeek_argv[0]); zeekygen_mgr = new zeekygen::detail::Manager(zeekygen_cfg, zeek_argv[0]);
// Zeekygen documentation generation (via -X) implies we only parse:
if ( ! zeekygen_cfg.empty() )
detail::parse_only = true;
add_essential_input_file("base/init-bare.zeek"); add_essential_input_file("base/init-bare.zeek");
add_essential_input_file("builtin-plugins/__preload__.zeek"); add_essential_input_file("builtin-plugins/__preload__.zeek");
add_essential_input_file("base/init-frameworks-and-bifs.zeek"); add_essential_input_file("base/init-frameworks-and-bifs.zeek");
@ -985,7 +989,7 @@ SetupResult setup(int argc, char** argv, Options* zopts) {
} }
} }
if ( options.parse_only ) { if ( detail::parse_only ) {
if ( analysis_options.usage_issues > 0 ) if ( analysis_options.usage_issues > 0 )
analyze_scripts(options.no_unused_warnings); analyze_scripts(options.no_unused_warnings);

2
testing/btest/Baseline/coverage.bare-mode-errors/errors
View file

@ -1,7 +1,5 @@
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. ### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
### NOTE: This file has been sorted with diff-sort. ### NOTE: This file has been sorted with diff-sort.
warning in <...>/detect-protocols.zeek, line 1: deprecated script loaded from <...>/__load__.zeek:5 ("frameworks<...>/detect-protocols.zeek moved to frameworks<...>/detect-protocols.zeek. Please switch to frameworks<...>/detect-protocols.zeek. Remove in 8.1")
warning in <...>/detect-protocols.zeek, line 1: deprecated script loaded from command line arguments ("frameworks<...>/detect-protocols.zeek moved to frameworks<...>/detect-protocols.zeek. Please switch to frameworks<...>/detect-protocols.zeek. Remove in 8.1") warning in <...>/detect-protocols.zeek, line 1: deprecated script loaded from command line arguments ("frameworks<...>/detect-protocols.zeek moved to frameworks<...>/detect-protocols.zeek. Please switch to frameworks<...>/detect-protocols.zeek. Remove in 8.1")
warning in <...>/detect-sqli.zeek, line 16: deprecated script loaded from command line arguments "Remove in v8.1: Switch to the improved detect-sql-injection script" warning in <...>/detect-sqli.zeek, line 16: deprecated script loaded from command line arguments "Remove in v8.1: Switch to the improved detect-sql-injection script"
warning in <...>/packet-segment-logging.zeek, line 1: deprecated script loaded from <...>/__load__.zeek:13 ("Please switch to frameworks<...>/packet-segment-logging, which logs to analyzer.log. Remove in 8.1")
warning in <...>/packet-segment-logging.zeek, line 1: deprecated script loaded from command line arguments ("Please switch to frameworks<...>/packet-segment-logging, which logs to analyzer.log. Remove in 8.1") warning in <...>/packet-segment-logging.zeek, line 1: deprecated script loaded from command line arguments ("Please switch to frameworks<...>/packet-segment-logging, which logs to analyzer.log. Remove in 8.1")