Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-04 23:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
10010 commits 385 branches 195 tags 258 MiB
Commit graph

10010 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jon Siwek
009c1488fc Update submodule(s) 
[nomail]
 2020-04-30 16:41:05 -07:00
Jon Siwek
fda9498276 Merge remote-tracking branch 'origin/topic/seth/more-file-type-ident' 
* origin/topic/seth/more-file-type-ident:
  Adds a note in NEWS about the signature addition and restructuring
  Fixes a small bug in one signature with a duplicate name.
  Organized and added to the shipped file identification signatures.
 2020-04-29 16:32:41 -07:00
Jon Siwek
ccdaf5f111 Merge branch 'stats-logging-fix' of https://github.com/brittanydonowho/zeek 
- Added test case and adjusted whitespace in merge

* 'stats-logging-fix' of https://github.com/brittanydonowho/zeek:
  Fixed stats.zeek to log all data before zeek terminates rather than return too soon
 2020-04-29 15:58:35 -07:00
Jon Siwek
a08b1ff56f Add warning message for unknown Broker statuses 
There's now a couple placeholder/unimplemented status values in Broker
related to upcoming routing features that we don't want to handle
explicitly for compatibility reasons, but also don't want the compiler
warning about unhandled values in the switch.
 2020-04-29 15:28:18 -07:00
Brittany Donowho
97c8912443 Fixed stats.zeek to log all data before zeek terminates rather than return too soon 2020-04-29 17:37:29 -04:00
Jon Siwek
fddb06c3cd Update submodule(s) 
[nomail]
 2020-04-29 14:25:53 -07:00
Seth Hall
43661a2b0b Adds a note in NEWS about the signature addition and restructuring 2020-04-29 11:34:00 -04:00
Seth Hall
dac96a6be3 Fixes a small bug in one signature with a duplicate name. 
Also update a single failing test.
 2020-04-29 11:22:42 -04:00
Seth Hall
15d43dfbcd Organized and added to the shipped file identification signatures. 
- Added ISO 9660 disk image
 - Created new files for categorizing signatures better.
   - executable.sig - Executable (and bytecode) files.
   - java.sig - Java related files (class/jar, etc).
   - programming.sig - Mostly scripting language identification
 2020-04-29 11:08:32 -04:00
Jon Siwek
4a76229209 GH-941: Fix build when configured to use libmaxminddb 2020-04-28 17:12:51 -07:00
Robin Sommer
f7fd24cf15 Updating submodule. 2020-04-28 10:07:31 +00:00
Jon Siwek
034b4b5ea7 Merge remote-tracking branch 'origin/topic/timw/intrusiveptr-warnings' 
* origin/topic/timw/intrusiveptr-warnings:
  Fix a few more IntrusivePtr deprecation warnings
 2020-04-27 13:38:45 -07:00
Jon Siwek
b776f17cea Merge remote-tracking branch 'origin/topic/vern/any-typetype-when-fix' 
- Minor whitespace adjutment in merge

* origin/topic/vern/any-typetype-when-fix:
  bug fixes for using "when" in functions that have a local of type "any"
 2020-04-27 13:33:40 -07:00
Tim Wojtulewicz
07a1821bcc Fix a few more IntrusivePtr deprecation warnings 2020-04-27 12:59:19 -07:00
Johanna Amann
faa8a38578 Merge remote-tracking branch 'origin/topic/jsiwek/gh-854-preserve-header-name' 
* origin/topic/jsiwek/gh-854-preserve-header-name:
  GH-854: provide access to original HTTP/MIME header names
 2020-04-27 19:31:49 +00:00
Johanna Amann
0136648342 Merge remote-tracking branch 'origin/topic/jsiwek/empty-bloomfilter-lookup' 
* origin/topic/jsiwek/empty-bloomfilter-lookup:
  Remove error message from empty bloomfilter lookups
 2020-04-27 19:23:16 +00:00
Johanna Amann
bb2f328cff Merge remote-tracking branch 'origin/topic/vern/unused' 
* origin/topic/vern/unused:
  unused variables found via use-def analysis (plus an indentation micro-nit)
 2020-04-27 19:21:33 +00:00
Tim Wojtulewicz
13674e7c31 Merge remote-tracking branch 'origin/topic/jsiwek/bif-return-intrusive' 
* origin/topic/jsiwek/bif-return-intrusive:
  Update various BIFs to return IntrusivePtr
 2020-04-27 12:09:58 -07:00
Jon Siwek
9e56881c70 Update various BIFs to return IntrusivePtr 2020-04-27 11:50:35 -07:00
Vern Paxson
fe46ef06a0 unused variables found via use-def analysis (plus an indentation micro-nit) 2020-04-25 18:06:47 -07:00
Vern Paxson
b86d5b4424 bug fixes for using "when" in functions that have a local of type "any" 2020-04-25 16:56:24 -07:00
Tim Wojtulewicz
17f72d6be6 Update submodule 
[nomail]
 2020-04-24 16:22:33 -07:00
Tim Wojtulewicz
cb40dbd58b Merge remote-tracking branch 'origin/topic/jsiwek/intrusive-ptr-chipping' 
* origin/topic/jsiwek/intrusive-ptr-chipping:
  Deprecate returning Val* from BIFs
  Deprecate binpac::string_to_val
  Deprecate binpac::bytestring_to_val, replace with binpac::to_stringval
  Update deprecated BifEvent::generate_* usages
  Deprecate Connection::Event and Analyzer::Event methods
  Deprecate BuildConnVal() methods and update usages to ConnVal()
  Update all BIFs to return IntrusivePtr instead of Val*
  Update deprecated ValManager::GetPort usages
  Update deprecated ValManager::GetEmptyString usages
  Update deprecated ValManager::GetCount usages
  Update deprecated ValManager::GetInt usages
  Update deprecated ValManager::GetBool usages
  Update deprecated ValManager GetTrue/GetFalse usages
  Deprecate all ValManager "Get" methods
  Change BIFs to return a wrapper object
 2020-04-24 16:20:08 -07:00
Jon Siwek
f452f26d11 Remove error message from empty bloomfilter lookups 
If a bloomfilter doesn't have a type, that just means no
bloomfilter_add() has been called yet, so seems undesirable to emit an
error for a lookup against something that's known to be empty.
 2020-04-24 10:15:57 -07:00
Jon Siwek
6e2cd3ae44 Merge branch 'ident_overflow' of https://github.com/MaxKellermann/zeek 
* 'ident_overflow' of https://github.com/MaxKellermann/zeek:
  analyzer/protocol/ident: fix buffer overflow in ParsePort()
 2020-04-22 10:44:43 -07:00
Max Kellermann
9b2709ca18 analyzer/protocol/ident: fix buffer overflow in ParsePort() 
The given buffer is not null-terminated; the method must obey the
"end_of_line" pointer.
 2020-04-22 17:26:06 +02:00
Jon Siwek
f849571910 Merge remote-tracking branch 'origin/topic/johanna/remove_connection_external' 
* origin/topic/johanna/remove_connection_external:
  Remove connection_external
 2020-04-21 10:26:07 -07:00
Johanna Amann
e3de46ba9b Remove connection_external 
This event was forgotten in our broccoli cleanup. It cannot be
raised by anything anymore.
 2020-04-21 09:00:05 -07:00
Jon Siwek
5032993b94 GH-854: provide access to original HTTP/MIME header names 
The "http_header" event now has an "original_name" parameter that allows
access to the original header name (the "name" parameter reamins the
same as before: it's the uppercased header name).

The "mime_header_rec" record type now also includes an "original_name"
field to similarly provide access to original header name in the
following events: "http_all_headers", "mime_one_header", and
"mime_all_headers".
 2020-04-20 16:56:41 -07:00
Jon Siwek
80d3918b13 Deprecate returning Val* from BIFs 2020-04-20 15:20:42 -07:00
Jon Siwek
6c0a9b0d8f Deprecate binpac::string_to_val 2020-04-20 14:43:06 -07:00
Jon Siwek
743303950b Deprecate binpac::bytestring_to_val, replace with binpac::to_stringval 2020-04-20 14:30:49 -07:00
Johanna Amann
cfe6616de1 Update submodule 
[nomail]
 2020-04-19 19:45:08 -07:00
Jon Siwek
81517bd703 Update deprecated BifEvent::generate_* usages 2020-04-17 18:42:58 -07:00
Jon Siwek
e60a7afbbc Update submodule(s) 
[nomail]
 2020-04-17 10:22:51 -07:00
Johanna Amann
0eb04da821 Update submodule 
[nomail]
 2020-04-16 22:15:50 -07:00
Jon Siwek
9b2fb29aca Deprecate Connection::Event and Analyzer::Event methods 
And update usages to the "EnqueueEvent" methods.
 2020-04-16 19:45:30 -07:00
Jon Siwek
2a63e4a4a2 Deprecate BuildConnVal() methods and update usages to ConnVal() 
The later being a new method that returns IntrusivePtr
 2020-04-16 17:00:01 -07:00
Jon Siwek
094d6de979 Update all BIFs to return IntrusivePtr instead of Val* 2020-04-16 17:00:01 -07:00
Jon Siwek
d7be84de97 Update deprecated ValManager::GetPort usages 2020-04-16 16:47:19 -07:00
Jon Siwek
de8761f761 Update deprecated ValManager::GetEmptyString usages 2020-04-16 16:46:38 -07:00
Jon Siwek
93f4c5871b Update deprecated ValManager::GetCount usages 2020-04-16 16:46:36 -07:00
Jon Siwek
0ddac4abcf Update deprecated ValManager::GetInt usages 2020-04-16 16:44:35 -07:00
Jon Siwek
d9edd855da Update deprecated ValManager::GetBool usages 2020-04-16 16:44:33 -07:00
Jon Siwek
9af84bb2b0 Update deprecated ValManager GetTrue/GetFalse usages 2020-04-16 16:40:59 -07:00
Jon Siwek
202b3f877d Deprecate all ValManager "Get" methods 
Alternate methods that return IntrusivePtr are available in similarly
named methods that omit the "Get" prefix.
 2020-04-16 16:40:57 -07:00
Jon Siwek
eb77411dbf Change BIFs to return a wrapper object 
That allows returning either Val* or IntrusivePtr<T>.  The former could
eventually be deprecated, but it's used extensively at the moment.
 2020-04-16 16:40:07 -07:00
Jon Siwek
8843f69002 Remove ineffective &default in netcontrol cluster event handler args 2020-04-16 15:40:27 -07:00
Johanna Amann
730f78d0c2 Merge remote-tracking branch 'origin/topic/jsiwek/no-vla' 
* origin/topic/jsiwek/no-vla:
  GH-895: Remove use of Variable-Length-Arrays

Fixes GH-895
 2020-04-16 14:18:38 -07:00
Johanna Amann
df71d963c9 Merge remote-tracking branch 'origin/topic/jsiwek/krb-consts-defaults' 
* origin/topic/jsiwek/krb-consts-defaults:
  Add default function for Kerberos constant-lookup-tables
 2020-04-16 13:05:05 -07:00