Mirror/zeek - git.uphillsecurity.com: We code.

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00

Author	SHA1	Message	Date
Arne Welzel	d7fbd49d9e	Merge remote-tracking branch 'origin/topic/vern/zam-record-fields-fixes' * origin/topic/vern/zam-record-fields-fixes: fixes for specialized ZAM operations needing to check whether record fields exist	2025-07-30 10:08:21 +02:00
Johanna Amann	a22b45c69e	Merge remote-tracking branch 'origin/topic/johanna/gh-4202' * origin/topic/johanna/gh-4202: Update NEWS for Conn::set_conn changes DNS-fuzzer: raise new_connection event Optimize Conn::set_conn to minimize operations Move Conn::set_conn() from connection_state_remove to new_connection	2025-07-29 21:01:51 +01:00
Arne Welzel	ab282e3637	Merge remote-tracking branch 'origin/topic/awelzel/cluster-event-out-of-detail' * origin/topic/awelzel/cluster-event-out-of-detail: cluster::Event: Move implementation into cluster/Event.{h,cc} cluster: Move cluster::detail::Event to cluster::Event	2025-07-29 18:24:20 +02:00
Tim Wojtulewicz	9f3a1a135f	Merge remote-tracking branch 'origin/topic/timw/fix-fuzzer-conn-key-deprecation' * origin/topic/timw/fix-fuzzer-conn-key-deprecation: Fix ConnKey deprecation warnings from generic fuzzer	2025-07-29 07:41:23 -07:00
Tim Wojtulewicz	743b9e27cc	Merge remote-tracking branch 'origin/topic/timw/fix-irc-analyzer-event-types' * origin/topic/timw/fix-irc-analyzer-event-types: Fix types passed to some of the IRC analyzer events	2025-07-29 07:19:36 -07:00
Tim Wojtulewicz	06ec03046d	Merge remote-tracking branch 'origin/topic/timw/fix-ranges-debian-11-build-failure' * origin/topic/timw/fix-ranges-debian-11-build-failure: Fix build failure with std::ranges on Debian 11	2025-07-29 07:19:11 -07:00
Arne Welzel	cd7836dda2	Merge remote-tracking branch 'origin/topic/awelzel/4431-zeromq-drop-policy-v2' * origin/topic/awelzel/4431-zeromq-drop-policy-v2: cluster.bif: Improve Cluster::publish() docstring btest/cluster/zeromq: Add tests for overload behavior cluster/zeromq: Metric for msg errors cluster/zeromq: Drop events when overloaded cluster/zeromq: Comments and move lookups to InitPostScript() cluster/zeromq: Rework lambdas to member functions cluster/zeromq: Support local XPUB/XSUB hwm and buf configurability cluster/OnLoop: Support DontBlock and Force flags for queueing cluster/ThreadedBackend: Injectable OnLoopProcess instance	2025-07-29 11:38:49 +02:00
Arne Welzel	12518e8256	Merge remote-tracking branch 'origin/topic/awelzel/expose-num-packets-unprocessed' * origin/topic/awelzel/expose-num-packets-unprocessed: ConnStats: Expose num_packets_unprocessed packet_analysis/Manager: Rename GetUnprocessedCount() to PacketsUnprocessed()	2025-07-29 10:12:46 +02:00
Arne Welzel	96f9cc73c3	Merge remote-tracking branch 'origin/topic/awelzel/spicy-format-for-8.0' * origin/topic/awelzel/spicy-format-for-8.0: Update .git-blame-ignore-revs analyzer/protocol: Reformat with spicy-format pre-commit-config: Bump spicy-format to 0.26.0	2025-07-29 10:05:33 +02:00
Tim Wojtulewicz	73d56407b1	Merge remote-tracking branch 'origin/topic/awelzel/3935-dce-rpc-named-pipe-docs' * origin/topic/awelzel/3935-dce-rpc-named-pipe-docs: dce-rpc: Make named_pipe filed docs extensive	2025-07-28 14:18:23 -07:00
Tim Wojtulewicz	22fc57a90a	Merge remote-tracking branch 'origin/topic/johanna/gh-4656' * origin/topic/johanna/gh-4656: Fix parsing of EDNS rcode	2025-07-28 14:16:24 -07:00
Tim Wojtulewicz	8063be111a	Merge remote-tracking branch 'origin/topic/timw/more-irc-coverage' * origin/topic/timw/more-irc-coverage: Expand coverage of IRC analyzer with more commands Add support for ircv3 tags	2025-07-28 14:15:47 -07:00
Tim Wojtulewicz	8aeaed69c5	Merge remote-tracking branch 'origin/topic/timw/lazy-allocate-id-option-handlers' * origin/topic/timw/lazy-allocate-id-option-handlers: Move ID::type in structure to fill memory padding Use sorted forward_list instead of multimap for ID option change handlers	2025-07-28 13:57:26 -07:00
Tim Wojtulewicz	020dd1a848	Merge remote-tracking branch 'origin/topic/timw/cpp20-modernization' * origin/topic/timw/cpp20-modernization: Remove intermediate cipher vectors in ssl-analyzer.pac Reduce the size of Func::Body quite a bit with some extra packing Switch to using std::ranges algorithms Enable modernize-std-numbers clang-tidy checker, fix findings Switch to using c++20 constraints instead of std::enable_if	2025-07-28 13:13:02 -07:00
Evan Typanski	c00314746a	Merge branch 'topic/etyp/deprecate-record-ty-to-vec' * topic/etyp/deprecate-record-ty-to-vec: Deprecate `record_type_to_vector`	2025-07-28 12:25:44 -04:00
Tim Wojtulewicz	a09b4108c8	Merge remote-tracking branch 'origin/topic/timw/odesc-size-t' * origin/topic/timw/odesc-size-t: Use size_t for byte sizes in SerializationFormat Add ODesc::Size() that returns size_t, deprecate ODesc::Len()	2025-07-25 09:14:01 -07:00
Arne Welzel	6e2a18ce4f	Merge remote-tracking branch 'origin/topic/awelzel/conn-id-ctx-singleton' * origin/topic/awelzel/conn-id-ctx-singleton: RecordType: Allow field init deferral of deferrable record constructors Conn: Use conn_id_ctx singleton Conn: Add InitPostScript() and conn_id_ctx singleton ID: Add conn_id_ctx	2025-07-25 10:59:07 +02:00
Tim Wojtulewicz	90da71ef16	Merge remote-tracking branch 'origin/topic/timw/update-broker' * origin/topic/timw/update-broker: Update broker submodule to pull in clang 20 fix [nomail]	2025-07-24 12:46:27 -07:00
Tim Wojtulewicz	9c845d9979	Merge remote-tracking branch 'origin/topic/timw/pid-start-time-metric' * origin/topic/timw/pid-start-time-metric: Add process_start_time_seconds and process_pid metrics	2025-07-24 10:39:52 -07:00
Tim Wojtulewicz	d12b381e3e	Merge remote-tracking branch 'origin/topic/timw/no-weekly-tasks-on-master-pushes' * origin/topic/timw/no-weekly-tasks-on-master-pushes: CI: Only run weekly tasks as part of cron	2025-07-24 08:01:07 -07:00
Arne Welzel	e231efac0b	Merge remote-tracking branch 'origin/topic/awelzel/4645-icmp-conns-inconsistent' * origin/topic/awelzel/4645-icmp-conns-inconsistent: conn_key/fivetuple: Handle one-way ICMP conns in DoConnKeyFromVal()	2025-07-24 09:49:07 +02:00
Johanna Amann	4399f171ae	Merge remote-tracking branch 'origin/topic/johanna/pppoe-session-id-logging' * origin/topic/johanna/pppoe-session-id-logging: Update external tests for pppoe-session-id conn.log changes PPPoE: add session id logging	2025-07-24 07:57:18 +01:00
Tim Wojtulewicz	acdf8f4d4d	Merge remote-tracking branch 'origin/topic/timw/coverity-fixes' * origin/topic/timw/coverity-fixes: Fix a few other minor issues reported by Coverity Add a few extra null checks, plus a missing initialization that led to a bad null check Fix some integer overflow issues reported by Coverity Ignore a couple of known-unused results reported by Coverity Fix some bit-shifting overflow/UB issues reported by Coverity Reset the value of a status variable in SQLite backend before using it in a loop Fix a potential memory leak reported by Coverity Avoid some string copies in IRC analyzer Add some additional std::moves reported by Coverity Fix an unsigned integer comparison reported by Coverity Fix uninitialized class member Coverity findings Handle uncaught exception during setup Update gen-zam submodule for Coverity findings	2025-07-23 15:26:29 -07:00
Tim Wojtulewicz	ca3b670d0f	Merge remote-tracking branch 'origin/topic/timw/storage-forced-sync' * origin/topic/timw/storage-forced-sync: Fix swapped storage metrics names Add flag to force synchronous mode when calling storage script-land functions	2025-07-23 14:03:56 -07:00
Arne Welzel	ee5ffdf42c	Merge remote-tracking branch 'origin/topic/awelzel/control-switch-to-cluster' * origin/topic/awelzel/control-switch-to-cluster: NEWS: ZeekControl, ZeroMQ and WebSocket Update zeekctl module for ClusterBackend and UseWebSocket control: Use Cluster::publish() for replying	2025-07-23 19:31:45 +02:00
Tim Wojtulewicz	83c914ce2d	Merge remote-tracking branch 'origin/topic/timw/ci-weekly-compiler-task' * origin/topic/timw/ci-weekly-compiler-task: CI: Add weekly task for running builds with newest compilers	2025-07-23 08:21:31 -07:00
Tim Wojtulewicz	2e612fc493	Merge remote-tracking branch 'origin/topic/timw/commit-info-for-plugin-ci-build' * origin/topic/timw/commit-info-for-plugin-ci-build: Output more information when cloning repos for include_plugins CI task	2025-07-23 08:20:43 -07:00
Arne Welzel	84cbd3784f	Merge remote-tracking branch 'origin/topic/awelzel/make-record-fields-ordered' * origin/topic/awelzel/make-record-fields-ordered: Type/RecordType: Make table returned by GetRecordFieldsVal() ordered	2025-07-23 13:38:05 +02:00
Tim Wojtulewicz	07a1c6b699	Merge remote-tracking branch 'origin/topic/timw/update-af-packet' * origin/topic/timw/update-af-packet: Update zeek-af_packet-plugin submodule to fix initialization [nomail]	2025-07-22 11:40:27 -07:00
Tim Wojtulewicz	ed81e251dc	Merge remote-tracking branch 'origin/topic/timw/update-broker' * origin/topic/timw/update-broker: Update broker submodule [nomail]	2025-07-22 08:05:22 -07:00
Tim Wojtulewicz	cb2e193452	Merge remote-tracking branch 'origin/topic/timw/storage-metrics' * origin/topic/timw/storage-metrics: Add SQLite page_count and file_size metrics Add btests to cover storage metrics Add storage metrics for operations, expirations, data transferred Fix ordering of telemtry metrics when running under test Make RunPragma take an optional value parser to return data Make SQLite::Step take a callback function for parsing result data	2025-07-18 14:28:46 -07:00
Tim Wojtulewicz	1dc7d88efd	Merge remote-tracking branch 'origin/topic/timw/update-libkqueue' * origin/topic/timw/update-libkqueue: Update libkqueue submodule [nomail]	2025-07-17 12:59:10 -07:00
Tim Wojtulewicz	beb70e27b5	Merge remote-tracking branch 'origin/topic/timw/cpp20-starts-and-ends-with' * origin/topic/timw/cpp20-starts-and-ends-with: Use std::string/string_view versions of starts_with/ends_with where appropriate	2025-07-17 09:09:40 -07:00
Tim Wojtulewicz	6218643347	Merge remote-tracking branch 'origin/topic/timw/hilti-nolint-enum' * origin/topic/timw/hilti-nolint-enum: Add nolint for enum size for HILTI_RT_ENUM use	2025-07-17 08:40:58 -07:00
Robin Sommer	c94ce6b946	Merge remote-tracking branch 'origin/topic/robin/gh-4481-test-analyzer' * origin/topic/robin/gh-4481-test-analyzer: Spicy: Fix missing include. Bump Spicy. Spicy: Add functions to check if Zeek provides an analyzer of a given name.	2025-07-16 17:47:08 +02:00
Arne Welzel	8f4470926f	Merge remote-tracking branch 'origin/topic/awelzel/eml-extraction-v3' * origin/topic/awelzel/eml-extraction-v3: NEWS: Add entry about SMTP::enable_rfc822_msg_file_analysis btest: Add tests for full email extraction SMTP: Adapt scripts for enable_rfc822_msg_file_analysis SMTP: Add missing Undelivered() call SMTP: Add enable_rfc822_msg_file_analysis	2025-07-16 12:38:29 +02:00
Christian Kreibich	fba319857b	Merge branch 'topic/bbannier/named-ctr' * topic/bbannier/named-ctr: Prefer explicit construction to coercion in record initialization	2025-07-15 17:38:04 -07:00
Christian Kreibich	907ddce581	Merge branch 'topic/christian/fix-debuglogger-stdsort' * topic/christian/fix-debuglogger-stdsort: Add missing header to allow std::sort() on GCC 15.1	2025-07-15 17:37:02 -07:00
Tim Wojtulewicz	dc5d7c3fc9	Merge remote-tracking branch 'origin/topic/timw/std-filesystem' * origin/topic/timw/std-filesystem: Fix some missing #includes resulting from removal of ghc::filesystem Remove ghc::filesystem submodule, switch to std::filesystem	2025-07-14 13:09:24 -07:00
Tim Wojtulewicz	55b427142d	Merge remote-tracking branch 'origin/topic/johanna/connection-syn-packet-doc' * origin/topic/johanna/connection-syn-packet-doc: Documentation: connection_SYN_packet	2025-07-14 11:26:13 -07:00
Tim Wojtulewicz	a843521e78	Merge remote-tracking branch 'origin/topic/timw/cpp20-clang-tidy-updates' * origin/topic/timw/cpp20-clang-tidy-updates: Use ranges::reverse_view to fix a few reverse ranged-for loops Disable a few new modernize clang-tidy checkers, enabled by C++20	2025-07-14 09:31:31 -07:00
Tim Wojtulewicz	448590270b	Merge remote-tracking branch 'origin/topic/timw/move-util-deferred' * origin/topic/timw/move-util-deferred: Move util::Deferred into util-types.h	2025-07-13 19:23:08 -07:00
Evan Typanski	54f9e45597	Merge remote-tracking branch 'origin/topic/etyp/baseline-cleanup' * origin/topic/etyp/baseline-cleanup: Cleanup unused baselines	2025-07-11 15:35:59 -04:00
Tim Wojtulewicz	0e869a5941	Merge remote-tracking branch 'origin/topic/timw/cpp20-NEWS' * origin/topic/timw/cpp20-NEWS: Add NEWS entry about C++ 20 [nomail] [skip ci]	2025-07-11 12:13:54 -07:00
Evan Typanski	a739d47835	Merge remote-tracking branch 'origin/topic/vern/add-del-void-exprs' * origin/topic/vern/add-del-void-exprs: crash fixes for constructs that expect add/delete expressions to return values	2025-07-11 12:58:56 -04:00
Tim Wojtulewicz	1e55543e86	Merge branch 'topic/timw/c++20' * topic/timw/c++20: Reduce some false-positive warnings from GCC to warnings with -Werror Add zeek-namespaced alias for jthread Include RequireCXXStd.cmake from main CMakeLists.txt Update submodules to C++20-enabled versions	2025-07-10 15:43:09 -07:00
Tim Wojtulewicz	c6011e2160	Merge remote-tracking branch 'origin/topic/timw/known-services-with-storage-framework' * origin/topic/timw/known-services-with-storage-framework: Modify known-services policy script to add storage framework support	2025-07-10 08:55:49 -07:00
Robin Sommer	6446bdf0dc	Merge remote-tracking branch 'origin/topic/bbannier/bump-spicy' * origin/topic/bbannier/bump-spicy: [Spicy] Add linker scope to debugging output. [Spicy] Remove declarations for unimplemented functions. [Spicy] Bump `auxil/spicy/` to latest development snapshot.	2025-07-10 09:41:07 +02:00
Tim Wojtulewicz	0848ddfb9f	Merge remote-tracking branch 'origin/topic/vern/ZAM-incr-op-opt-fix' * origin/topic/vern/ZAM-incr-op-opt-fix: ZAM optimizer fix for += / -= set operations	2025-07-09 15:10:17 -07:00
Christian Kreibich	9322687823	Merge branch 'topic/christian/rdp-cookie-clarification' * topic/christian/rdp-cookie-clarification: Clarify the cookie field's origin in the RDP log.	2025-07-08 17:45:27 -07:00

1 2 3 4 5 ...

3770 commits