Commit graph

16609 commits

Author SHA1 Message Date
Vern Paxson
0e5bece385 "add" and "delete" are now expressions rather than statements 2024-05-29 12:40:06 -07:00
Vern Paxson
e9a0a50da5 bug fix for dealing with illegal types of initializers 2024-05-29 12:40:06 -07:00
Vern Paxson
e84b60762a added a space when rendering some expressions so they're more readable 2024-05-29 12:40:05 -07:00
Johanna Amann
03b358f6d1 Merge branch 'files_pe_timestamp_sync' of https://github.com/mvhensbergen/zeek
* 'files_pe_timestamp_sync' of https://github.com/mvhensbergen/zeek:
  Don't hardcode values
  Add btest for timestamp check
  Copy timestamp from file object
2024-05-29 14:16:31 +01:00
Martin van Hensbergen
7f77075c43 Don't hardcode values 2024-05-29 14:00:04 +01:00
Martin van Hensbergen
e993f75ccb Add btest for timestamp check 2024-05-29 13:58:32 +01:00
Tim Wojtulewicz
9e9931f2d6 CI: Add coveralls-lcov gem to ubuntu 24, remove from ubuntu 20 2024-05-28 20:30:22 -07:00
Tim Wojtulewicz
d86e73376b Merge remote-tracking branch 'origin/topic/timw/fix-coverage-part-trois'
* origin/topic/timw/fix-coverage-part-trois:
  CI: Revert part of 2bde82ffa2 to fix coverage builds
2024-05-28 13:06:03 -07:00
Tim Wojtulewicz
ec4661f4b5 CI: Revert part of 2bde82ffa2 to fix coverage builds 2024-05-28 09:01:21 -07:00
zeek-bot
2352d0cccc Update doc submodule [nomail] [skip ci] 2024-05-25 00:10:15 +00:00
Christian Kreibich
e6b41defa0 Merge branch 'topic/christian/fix-zeekygen-quic-warning'
* topic/christian/fix-zeekygen-quic-warning:
  Fix Zeekygen warning for QUIC::unrecognized_version event
2024-05-24 15:04:38 -07:00
Christian Kreibich
3d88918071 Fix Zeekygen warning for QUIC::unrecognized_version event
Docs updates have been warning about being unable to locate that identifier, and
it's because we've not defined it alongside the other QUIC events.
2024-05-24 14:30:42 -07:00
Tim Wojtulewicz
47dd834bdb Merge remote-tracking branch 'origin/topic/johanna/tls-new-groups-and-consts'
* origin/topic/johanna/tls-new-groups-and-consts:
  Update TLS consts, mainly new named curves.
2024-05-24 10:49:42 -07:00
Johanna Amann
34225e83ba Update TLS consts, mainly new named curves.
Add test for X25519Kyber768Draft00 (post-quantum key agreement)
2024-05-23 14:50:36 +01:00
Tim Wojtulewicz
afc89c0480 Merge remote-tracking branch 'origin/topic/timw/fix-coverage-part-deux'
* origin/topic/timw/fix-coverage-part-deux:
  CI: Remove --enable-werror for asan builds
  CI: Run coverage builds for PRs, but only upload on master
  Coverage: Ignore a few errors during generation
  Coverage: don't bother ignoring non-existent bro.dir files
  CI: Re-enable coverage
  CI: Switch asan build back to gcc
  Update cmake submodule [nomail]
  CI: Avoid divide by zero error when generating coverage files
2024-05-21 16:23:23 -07:00
Tim Wojtulewicz
5f75d4bc0b CI: Remove --enable-werror for asan builds
There's a bug in GCC (https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105562) that
causes std::regex to emit some warnings when built with -fsanitize=address. Any
warnings that actually mean anything would be caught by the other sanitizer
builds or by the regular ubuntu24 build.
2024-05-21 15:11:44 -07:00
Tim Wojtulewicz
0cd023b839 CI: Run coverage builds for PRs, but only upload on master 2024-05-21 15:11:44 -07:00
Tim Wojtulewicz
e8f504c0c0 Coverage: Ignore a few errors during generation 2024-05-21 15:11:44 -07:00
Tim Wojtulewicz
0e0852a876 Coverage: don't bother ignoring non-existent bro.dir files 2024-05-21 15:11:43 -07:00
Tim Wojtulewicz
d36fbeb6d0 CI: Re-enable coverage 2024-05-21 15:11:43 -07:00
Tim Wojtulewicz
77c9388211 CI: Switch asan build back to gcc
The tools used for coverage (gcov, lcov) work better with GCC. We could switch
over to similar tools for llvm, but they way they store files during coverage
builds don't work as well for us (mostly the places they store the files).
2024-05-21 15:11:43 -07:00
Tim Wojtulewicz
b8e2f91fc9 Update cmake submodule [nomail] 2024-05-21 15:11:43 -07:00
zeek-bot
24c84f2bb7 Update doc submodule [nomail] [skip ci] 2024-05-21 00:11:22 +00:00
Tim Wojtulewicz
179e4903f1 CI: Avoid divide by zero error when generating coverage files 2024-05-20 17:02:53 -07:00
Tim Wojtulewicz
04c8a6bde7 Merge remote-tracking branch 'origin/topic/vern/smb-filtering'
* origin/topic/vern/smb-filtering:
  Fix for suppressing SMB logging of previously-logged files
2024-05-20 15:54:19 -07:00
Vern Paxson
74bf453d6d Fix for suppressing SMB logging of previously-logged files 2024-05-18 14:13:52 -07:00
Tim Wojtulewicz
1a0fffd714 Merge remote-tracking branch 'origin/topic/bbannier/bump-spicy'
* origin/topic/bbannier/bump-spicy:
  Bump Spicy to latest dev snapshot
2024-05-17 08:56:45 -07:00
mvhensbergen
a4f73ee45f
Copy timestamp from file object
In some cases, e.g. running zeek on short pcaps as opposed to continuous packet streams, network_time() may not equal the time that was used when generating the file object.

This results in the pe.log entry having a different timestamp than its corresponding files.log entry which is strange as they refer to the exact same file.
2024-05-17 15:03:06 +02:00
Benjamin Bannier
8c27d0643f Bump Spicy to latest dev snapshot 2024-05-17 13:33:34 +02:00
Tim Wojtulewicz
301d042ba7 CI: Disable coverage temporarily, broken with clang-18 2024-05-16 18:53:09 -07:00
Tim Wojtulewicz
87870f8345 Merge remote-tracking branch 'origin/topic/vern/zam-subnet-fix'
* origin/topic/vern/zam-subnet-fix:
  Fix for ZAM inlining of nested function calls with the same parameter names
  Fixed ZAM logic error in canonicalizing specialized min/max instructions
  Fixed order-of-evaluation bug in ZAM Subnet-To-Addr instruction
  "-a zam" BTest baseline update reflecting recent Spicy baseline change
2024-05-16 11:09:33 -07:00
Tim Wojtulewicz
237f4c39a4 Merge branch 'topic/timw/no-spicy-head-on-releases'
* topic/timw/no-spicy-head-on-releases:
  CI: Disable spicy_head task for release branches
2024-05-16 09:35:06 -07:00
Tim Wojtulewicz
381ad3d04e CI: Disable spicy_head task for release branches 2024-05-16 09:34:43 -07:00
Tim Wojtulewicz
a4d7587bca Merge remote-tracking branch 'origin/topic/timw/fix-coverage-build'
* origin/topic/timw/fix-coverage-build:
  CI: Use llvm-cov-18 on Cirrus for building coverage data
2024-05-15 20:00:58 -07:00
Vern Paxson
9e5977f24e Fix for ZAM inlining of nested function calls with the same parameter names 2024-05-15 17:32:13 -07:00
Vern Paxson
ca62898a11 Fixed ZAM logic error in canonicalizing specialized min/max instructions 2024-05-15 17:31:30 -07:00
Vern Paxson
5ce5bbdbaa Fixed order-of-evaluation bug in ZAM Subnet-To-Addr instruction 2024-05-15 17:30:29 -07:00
Vern Paxson
39d2ba410e "-a zam" BTest baseline update reflecting recent Spicy baseline change 2024-05-15 17:29:06 -07:00
Tim Wojtulewicz
2bde82ffa2 CI: Use llvm-cov-18 on Cirrus for building coverage data 2024-05-15 13:58:33 -07:00
Tim Wojtulewicz
f1c04fec4b Merge remote-tracking branch 'origin/topic/timw/missing-lcov'
* origin/topic/timw/missing-lcov:
  CI: Add missing lcov package to ubuntu 24 Dockerfile
2024-05-14 11:00:01 -07:00
Tim Wojtulewicz
d5707d606c CI: Add missing lcov package to ubuntu 24 Dockerfile 2024-05-13 22:10:36 -07:00
Tim Wojtulewicz
8337b5f018 Merge remote-tracking branch 'origin/topic/timw/ubuntu-24-sanitizers'
* origin/topic/timw/ubuntu-24-sanitizers:
  CI: Use clang-18 on Ubuntu 24 for sanitizers builds, enable TSan builds
  CI: Add clang-18 to Ubuntu 24.04 VM
2024-05-13 17:40:52 -07:00
Tim Wojtulewicz
cb8e99d739 CI: Use clang-18 on Ubuntu 24 for sanitizers builds, enable TSan builds 2024-05-13 17:40:26 -07:00
Tim Wojtulewicz
1a227659fa CI: Add clang-18 to Ubuntu 24.04 VM 2024-05-13 17:40:26 -07:00
Robin Sommer
e5fa105a1f
Merge remote-tracking branch 'origin/topic/robin/spicy-gh-1657'
* origin/topic/robin/spicy-gh-1657:
  Apply missing fix for https://github.com/zeek/spicy/pull/1723.
2024-05-13 16:39:15 +02:00
Robin Sommer
e02f04c6be
Apply missing fix for https://github.com/zeek/spicy/pull/1723. 2024-05-13 15:29:14 +02:00
Robin Sommer
0edc115ffc
Merge remote-tracking branch 'origin/topic/robin/revert-deferred'
Includes Spicy bump.

* origin/topic/robin/revert-deferred:
  Spicy: Update for https://github.com/zeek/spicy/pull/1738.
2024-05-13 12:20:21 +02:00
Robin Sommer
747e26297b
Spicy: Update for https://github.com/zeek/spicy/pull/1738. 2024-05-13 09:25:37 +02:00
Tim Wojtulewicz
a9649026ae Merge remote-tracking branch 'origin/topic/timw/ci-ubuntu-24-lts'
* origin/topic/timw/ci-ubuntu-24-lts:
  CI: Update asan and ubsan tasks to use Ubuntu 22.04 VM
  CI: Replace Ubuntu 23.10 with Ubuntu 24.04
2024-05-10 10:19:53 -07:00
Robin Sommer
82be6425e6
Merge remote-tracking branch 'origin/topic/robin/gh-3561-forward-to-udp'
* origin/topic/robin/gh-3561-forward-to-udp:
  Update docs.
  Add explicit children life-cycle management method to analyzers.
  Spicy: Support UDP in Spicy's `protocol_*` runtime functions.
  Add method to analyzer to retrieve direct child by name.
  Extend PIA's `FirstPacket` API.
  Spicy: Prepare for supporting forwarding to protocols other than TCP.
2024-05-10 11:15:20 +02:00