Robin Sommer
ee14b96a15
Merge remote-tracking branch 'origin/topic/struck/BIT-1287'
...
* origin/topic/struck/BIT-1287:
[ADD] builtin function enum_to_int()
BIT-1287 #merged
2014-11-11 13:20:40 -08:00
Robin Sommer
557218895e
Removing method from SSL analyzer that's no longer used.
2014-11-11 11:51:04 -08:00
Robin Sommer
e8e81043a1
Merge remote-tracking branch 'origin/topic/vladg/mysql'
...
* origin/topic/vladg/mysql:
Update baselines.
Fix a logic bug with handling quits after the cleanup.
Integrate MySQL with the software framework
A bit of MySQL cleanup - removed unused events, consolidated similar events, fixed up main.bro a bit
Move MySQL analyzer to the new plugin architecture.
Add a btest for the Wireshark sample MySQL PCAP
Add support for more commands, and support quit
Redo the response handling..
Whitespace/readability fixes.
Add memleak and auth btests.
Update baselines.
Get MySQL to compile and add basic v9 support.
MySQL analyzer
2014-11-11 11:49:26 -08:00
Christian Struck
b36d5fc81b
[ADD] builtin function enum_to_int()
...
[ADD] added tests for the new enum_to_int function
2014-11-10 18:24:27 -08:00
akasza
ea79c07730
uri parsing complete
2014-11-06 19:52:03 -08:00
akasza
69ce4d3038
uri_decompose complete, need btests
2014-11-06 19:47:28 -08:00
akasza
3c42350e77
uri parsing function
2014-11-05 20:44:03 -08:00
Seth Hall
e879aa78f5
Merge remote-tracking branch 'origin/topic/seth/mime-updates' into topic/seth/files-reassembly-and-mime-updates
...
Conflicts:
scripts/base/init-bare.bro
testing/btest/Baseline/scripts.policy.misc.dump-events/all-events-no-args.log
testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log
2014-11-05 11:42:34 -05:00
Seth Hall
842dfd8b4a
Merge remote-tracking branch 'origin/topic/seth/files-tracking' into topic/seth/files-reassembly-and-mime-updates
...
Conflicts:
testing/btest/Baseline/scripts.base.frameworks.file-analysis.http.multipart/out
testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log
2014-11-05 11:40:26 -05:00
Seth Hall
7ee34981aa
Improve TAR file detection and other small changes.
...
- Remove all of the x-c detections. Nearly all false
positives.
- Remove the back up TAR detections. Not very helpful.
- Remove one of the x-elc detections that was too loose
and caused many false positives.
2014-11-05 11:31:48 -05:00
Seth Hall
efdfef7970
Merge remote-tracking branch 'origin/master' into topic/seth/mime-updates
...
Conflicts:
testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log
2014-11-05 10:57:57 -05:00
Seth Hall
7a52b8eb56
Merge remote-tracking branch 'origin/topic/vladg/cryptoapi'
...
* origin/topic/vladg/cryptoapi:
Add Windows detection based on CryptoAPI HTTP traffic as a software framework policy script.
2014-11-05 09:47:17 -05:00
Vlad Grigorescu
31baaf6499
Merge remote-tracking branch 'origin/master' into topic/vladg/mysql
2014-11-04 13:18:56 -05:00
Vlad Grigorescu
7e0599039b
Merge branch 'topic/vladg/cryptoapi' into topic/vladg/kerberos
2014-11-04 13:13:34 -05:00
Vlad Grigorescu
0bd45d54c8
Merge remote-tracking branch 'origin/master' into topic/vladg/kerberos
2014-11-04 13:12:12 -05:00
Robin Sommer
9045288ad3
Merge remote-tracking branch 'origin/fastpath'
2014-11-03 18:55:42 -08:00
Vlad Grigorescu
d600d41a55
Add Windows detection based on CryptoAPI HTTP traffic as a software framework policy script.
2014-11-03 13:52:58 -05:00
Jon Siwek
25a58f501b
Updating submodule(s).
...
[nomail]
2014-11-03 10:19:48 -06:00
Johanna Amann
705989da39
add new curves from draft-ietf-tls-negotiated-ff-dhe
2014-11-01 19:37:27 -07:00
Vlad Grigorescu
e86fc160db
Merge remote-tracking branch 'origin/master' into topic/vladg/mysql
2014-10-31 21:32:19 -04:00
Robin Sommer
e0d9adc9c9
Updating submodule(s).
...
[nomail]
2014-10-31 17:49:02 -07:00
Robin Sommer
395f06d93c
Updating submodule(s).
...
[nomail]
2014-10-31 17:45:37 -07:00
Robin Sommer
5ef6dd0e3c
Adding call to new binpac::init() function.
2014-10-31 17:44:58 -07:00
Robin Sommer
78de5c17ef
Merge remote-tracking branch 'origin/topic/jsiwek/bit-1176'
...
* origin/topic/jsiwek/bit-1176:
Fix segfault if when statement's RHS is uninitialized.
BIT-1176 #merged
2014-10-31 16:30:49 -07:00
Robin Sommer
2e7b732c4b
Merge remote-tracking branch 'origin/topic/jsiwek/bit-1280'
...
* origin/topic/jsiwek/bit-1280:
BIT-1280: Fix checking vector indices via "in".
BIT-1280 #merged.
2014-10-31 16:28:08 -07:00
Vlad Grigorescu
743d388be8
Merge remote-tracking branch 'origin/master' into topic/vladg/mysql
2014-10-31 16:46:07 -04:00
Vlad Grigorescu
b484da1539
Update baselines.
2014-10-31 16:45:48 -04:00
Vlad Grigorescu
c601ebccb8
Fix a logic bug with handling quits after the cleanup.
2014-10-31 16:24:48 -04:00
Jon Siwek
3b4e5eda55
BIT-1283: Fix crash when using &encrypt.
2014-10-31 12:13:27 -05:00
Vlad Grigorescu
119ad59b70
Integrate MySQL with the software framework
2014-10-31 12:17:47 -04:00
Vlad Grigorescu
e2ad93c543
A bit of MySQL cleanup - removed unused events, consolidated similar events, fixed up main.bro a bit
2014-10-31 12:08:13 -04:00
Jon Siwek
2a181a88c5
Allow arbitrary when statement timeout expressions
...
BIT-1284 #close
2014-10-31 10:38:23 -05:00
Jon Siwek
285f93b689
Merge remote-tracking branch 'origin/topic/jsiwek/bit-1166'
...
* origin/topic/jsiwek/bit-1166:
Add configure options to fine tune local state dirs used by BroControl.
BIT-1166 #close
2014-10-31 09:22:37 -05:00
Jon Siwek
28770937b5
Add configure options to fine tune local state dirs used by BroControl.
...
--logdir: logs produced at run time
--spooldir: other data produced at run time
--localstatedir: contains spool or log dirs if those options aren't set
Addresses BIT-1166.
2014-10-30 17:11:46 -05:00
Jon Siwek
dec96234e3
Fix some minor Coverity Scan complaints.
2014-10-30 13:26:34 -05:00
Jon Siwek
1f7facda5b
Fix segfault if when statement's RHS is uninitialized.
...
If it is ever assigned a value, the body of the when can be triggered as
usual.
Addresses BIT-1176.
2014-10-30 12:19:25 -05:00
Jon Siwek
432744fde4
Merge remote-tracking branch 'origin/fastpath'
...
* origin/fastpath:
Fix checking of fwrite return values
Some didn't look quite right so fixed while merging: the return value of
fwrite is in terms of number of objects written, not number of bytes
written and some calls still mixed those up.
2014-10-28 15:10:32 -05:00
Jon Siwek
e5f75cde93
BIT-1280: Fix checking vector indices via "in".
...
$ cat test.bro
local vec: vector of string = { "zero" };
vec[2] = "two";
print 0 in vec, 1 in vec, 2 in vec;
$ bro -b test.bro
T, F, T
2014-10-28 14:21:16 -05:00
Johanna Amann
ed73c83b61
Fix checking of fwrite return values
2014-10-28 07:20:26 -07:00
Jon Siwek
832a2b7bab
Updating CHANGES and VERSION.
2014-10-27 13:03:46 -05:00
Vlad Grigorescu
bcdeef6012
Move Kerberos analyzer to the new plugin architecture.
2014-10-27 14:03:40 -04:00
Vlad Grigorescu
e6d6ba6ec6
Merge remote-tracking branch 'origin/master' into topic/vladg/kerberos
...
Conflicts:
testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log
2014-10-27 13:56:07 -04:00
Vlad Grigorescu
45d5080870
Move MySQL analyzer to the new plugin architecture.
2014-10-27 13:55:10 -04:00
Jon Siwek
e60ceea87c
Fix errors/warnings when compiling with -std=c++11
...
These are compatibility changes only.
2014-10-27 12:54:17 -05:00
Vlad Grigorescu
b259a41ef2
Merge remote-tracking branch 'origin/master' into topic/vladg/mysql
...
Conflicts:
testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log
2014-10-27 13:24:31 -04:00
Jon Siwek
a26c674dfd
Updating submodule(s).
...
[nomail]
2014-10-27 10:05:36 -05:00
Jon Siwek
b67646cf19
Merge branch 'patch-1' of https://github.com/vice/bro
...
* 'patch-1' of https://github.com/vice/bro:
Wrong port in scripting documentation
2014-10-27 10:03:29 -05:00
Vicente Jimenez Aguilar
65ab987eb6
Wrong port in scripting documentation
...
HTTP is port 80 not 53
2014-10-25 11:52:17 +02:00
Robin Sommer
087a9f975d
Adding missing baseline.
2014-10-24 15:34:06 -07:00
Robin Sommer
fb56d3f0bb
Fixing unstable test.
2014-10-24 13:40:00 -07:00