Commit graph

4700 commits

Author SHA1 Message Date
Bernhard Amann
81d0def327 Add minimal testcase for sqlite writer crash.
The writer did not work with a non-empty set or vector
as the last element in the logged column.
2013-11-10 22:04:16 -08:00
Jon Crussell
cb6f6467c7 Fixed Segmentation fault in SQLite Writer.
Segmentation fault caused by accessing fields with pos which is
one-based for setting SQLite field values. Fix is to simply subtract one
from pos. Discovered when trying to store HTTP traffic to a SQLite
database with the following Bro script:

event bro_init() {
  local filter: Log::Filter = [
    $name = "sqlite",
    $path = "http",
    $config = table(["tablename"] = "http_logs"),
    $writer = Log::WRITER_SQLITE
  ];

  Log::add_filter(HTTP::LOG, filter);
}
2013-11-10 22:02:24 -08:00
Seth Hall
1e43dfc46a Fix the irc_reply event for certain server message types. 2013-11-08 16:49:03 -05:00
Seth Hall
cc314084a8 Fix the irc_reply event for several server message types. 2013-11-08 16:47:22 -05:00
Robin Sommer
071bd2689d Updating CHANGES and VERSION. 2013-11-07 10:26:35 -08:00
Robin Sommer
48117eda37 Removing one more "beta". 2013-11-07 10:25:50 -08:00
Robin Sommer
91a6fb9af7 Updating submodule(s).
[nomail]
2013-11-07 07:09:29 -08:00
Robin Sommer
1164fdfb46 Removing location information from ssh.log in external tests. 2013-11-07 02:19:23 -08:00
Robin Sommer
18ba9a1626 Updating submodule(s).
[nomail]
2013-11-07 01:22:21 -08:00
Robin Sommer
ba258ab865 Updating CHANGES and VERSION. 2013-11-07 01:21:20 -08:00
Robin Sommer
da9c31db55 Fixing warnings during doc build.
Includes adding a stub file that has been missing for a while already.
2013-11-07 00:46:48 -08:00
Robin Sommer
f46e4a5578 Merge remote-tracking branch 'origin/fastpath'
* origin/fastpath:
  Fix typos in sumstats doc and update doc test
  Update docs and tests for a recent change to detect-MHR.bro
  Update tests and baselines for sumstats docs
2013-11-06 22:55:01 -08:00
Daniel Thayer
410e4babd0 Fix typos in sumstats doc and update doc test 2013-11-06 18:56:39 -06:00
Daniel Thayer
85d8653bce Update docs and tests for a recent change to detect-MHR.bro 2013-11-06 15:58:24 -06:00
Daniel Thayer
9ed5f8bae8 Update tests and baselines for sumstats docs 2013-11-06 14:56:32 -06:00
Seth Hall
0a1ee9af1b Merge remote-tracking branch 'origin/topic/vladg/ssh-log-fix'
* origin/topic/vladg/ssh-log-fix:
  Remove resp_size from the log. Refactor when we write out to the log a bit. Geodata now works reliably.
  Fix resp_size in ssh.log, require a minimum resp_size for the heuristic. Some work on geodata, but still a WIP.
2013-11-06 14:42:02 -05:00
Seth Hall
ef33696d2e Merge branch 'master' of ssh://git.bro-ids.org/bro 2013-11-06 13:52:38 -05:00
Seth Hall
fab47cc749 Added a document for the SumStats framework. 2013-11-06 13:52:29 -05:00
Robin Sommer
bd4cc712c5 Updating submodule(s).
[nomail]
2013-11-06 07:22:27 -08:00
Robin Sommer
dc6ef20511 Updating submodule(s).
[nomail]
2013-11-06 00:23:51 -08:00
Robin Sommer
2fbc50b4a6 Merge remote-tracking branch 'origin/fastpath'
* origin/fastpath:
  Change MHR notice sub message URL to a redef.
  Update VirusTotal URL to work with changes to their website.
2013-11-06 00:20:52 -08:00
Jon Siwek
bdd359d58c Broxygen can now read a config file specifying particular targets.
Though nothing currently gets built as most dependency/outdated
checks and doc-generation methods are still skeleton code.
2013-11-05 16:40:24 -06:00
Vlad Grigorescu
8ad2ab44e2 Change MHR notice sub message URL to a redef. 2013-11-05 17:10:19 -05:00
Vlad Grigorescu
09779836cb Update VirusTotal URL to work with changes to their website. 2013-11-05 12:06:33 -05:00
Vlad Grigorescu
d108481e73 Remove resp_size from the log. Refactor when we write out to the log a bit. Geodata now works reliably. 2013-11-05 11:58:00 -05:00
Jon Siwek
1fabbd441c Remove unneeded Broxygen comments in scan.bro.
They just duplicated the text from where the events are originally
declared and also it's not generally useful to Broxygen-style comment
event *handlers* (they're more of an implementation detail of a script,
not a user-facing element).
2013-11-05 10:54:05 -06:00
Vlad Grigorescu
2cf90d986e Fix resp_size in ssh.log, require a minimum resp_size for the heuristic. Some work on geodata, but still a WIP. 2013-11-05 11:34:32 -05:00
Jon Siwek
3046013d69 Replace safe_basename/safe_dirname w/ SafeBasename/SafeDirname.
So errors can be better handled.
2013-11-04 11:42:39 -06:00
Jon Siwek
96ed7aed1a Merge branch 'master' into topic/jsiwek/broxygen 2013-11-04 10:17:24 -06:00
Robin Sommer
886266e8af Merge remote-tracking branch 'origin/fastpath'
* origin/fastpath:
  Remove swig-ruby from required packages section of install doc
2013-11-03 22:53:54 -08:00
Daniel Thayer
13ff4374dd Remove swig-ruby from required packages section of install doc 2013-11-04 00:00:23 -06:00
Robin Sommer
a9d8748614 Updating submodule(s).
[nomail]
2013-11-01 05:26:32 -07:00
Robin Sommer
101fbdeff7 Adding source and original copyright statement to Mozilla cert list. 2013-11-01 05:24:43 -07:00
Robin Sommer
5f863df91f Canonifying an intel test to not depend on output order. 2013-11-01 05:03:54 -07:00
Robin Sommer
114c9a6c9c Updating submodule(s).
[nomail]
2013-11-01 04:52:43 -07:00
Robin Sommer
ae8e12c629 Updating submodule(s).
[nomail]
2013-10-31 00:20:58 -07:00
Jon Siwek
b38efa58d0 Merge branch 'master' into topic/jsiwek/broxygen
Conflicts:
	testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
	testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
2013-10-30 16:20:48 -05:00
Jon Siwek
3a99aaaf0a Add BIF interface for retrieving comments/docs.
The new BIFs:
    - get_identifier_comments
    - get_script_comments
    - get_package_readme
    - get_record_field_comments
2013-10-30 16:07:57 -05:00
Robin Sommer
49f31acebe Merge remote-tracking branch 'origin/topic/jsiwek/thread-termination'
* origin/topic/jsiwek/thread-termination:
  Fix thread processing/termination conditions.

BIT-1093 #merged
2013-10-30 05:05:06 -07:00
Jon Siwek
22d35d2c8c Fix thread processing/termination conditions.
A thread that is done/killed should signify that the thread manager has
some processing to do -- it needs to process any messages in its out
queue, join the thread, and delete it.  Otherwise the thread manager
may reach a state where it makes no progress in processing the last
remaining done/killed thread.
2013-10-29 14:40:07 -05:00
Robin Sommer
601b1b9fd0 Merge branch 'master' of git.bro.org:bro 2013-10-29 09:31:59 -07:00
Robin Sommer
943f44314a Merge remote-tracking branch 'origin/fastpath'
* origin/fastpath:
  Don't build broccoli ruby bindings by default, use --enable-ruby to do so.
  Revert "Fix race condition in unit test."
  Fix race condition in unit test.
  Change percent_lost in capture-loss from a string to a double.
2013-10-29 09:28:13 -07:00
Jon Siwek
7c7967c1ab Don't build broccoli ruby bindings by default, use --enable-ruby to do so. 2013-10-29 11:04:34 -05:00
Jon Siwek
b2d6ccfb19 Revert "Fix race condition in unit test."
This reverts commit b255aedc26.

The test should work as it was -- actually seems to be a race in the
thread termination code.
2013-10-29 10:45:11 -05:00
Seth Hall
26be082951 Return the Dir module to file name tracking instead of inode tracking. 2013-10-29 11:09:55 -04:00
Vlad Grigorescu
e1d2f6d82f Change percent_lost in capture-loss from a string to a double. 2013-10-29 06:03:34 -07:00
Jon Siwek
b255aedc26 Fix race condition in unit test.
Removing an input stream immediately after it's created causes a race
to read the entire file before the reader gets the signal to stop.
2013-10-28 13:24:24 -05:00
Jon Siwek
8d0a74d606 Merge branch 'master' into fastpath 2013-10-28 13:18:37 -05:00
Vlad Grigorescu
31c7c1a673 Change percent_lost in capture-loss from a string to a double. 2013-10-28 08:09:16 -04:00
Robin Sommer
eff96bef37 Updating submodule(s).
[nomail]
2013-10-26 19:20:09 -07:00