Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 23:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
10798 commits 384 branches 195 tags 258 MiB
Commit graph

3268 commits

Author SHA1 Message Date
Seth Hall
cb3d312d5a Intel framework test passes now. 2011-06-24 16:10:13 -04:00
Seth Hall
0b918eb140 Reorganized some of the tests for consistency. 2011-06-24 15:40:56 -04:00
Jon Siwek
4f33dcf59e Updating software version parsing test. 
Tweaked parsing code a bit catch a couple that were failing.
 2011-06-24 13:27:35 -05:00
Jon Siwek
ecaae75e65 Reorganize where HTTP pipelining test lives. 2011-06-24 11:25:16 -05:00
Jon Siwek
b7b3e9c5a2 Tweak known-hosts test to explicitly do local asset tracking 2011-06-24 11:22:18 -05:00
Jon Siwek
e180761eb4 Update/improve known-services test. 2011-06-24 11:18:25 -05:00
Jon Siwek
555e42fdd2 First attempt to adapt istate.events unit test to new policy scripts. 
The http.log that both sides produce is the same, but the
http-related events that each serializes into events.bst
don't look equivalent when read back and cause the test to fail.
 2011-06-23 11:00:03 -05:00
Jon Siwek
dc4dc7c56a Update/improve known-hosts unit test. 2011-06-22 16:50:42 -05:00
Jon Siwek
ea1f819b3e Update core.vlan-mpls test to use new policy scripts. 2011-06-20 16:06:44 -05:00
Jon Siwek
fc66d88a04 Updating the packet filter tests to use new policy scripts. 2011-06-20 15:56:16 -05:00
Jon Siwek
ef79ab3562 Update baseline for core.load-pkg test 
I removed the diff'ing against which scripts Bro outputs as loaded
because that's going to be sensitive to changes in which scripts
get loaded by default.  What really matters is the output that shows
that Bro was able to load the script via a directory's __load__.bro
 2011-06-20 14:10:02 -05:00
Jon Siwek
2bb36a7d10 Fix language.rare-events test to use new policy scripts. 
DroppedPackets now goes in notice.log by default so that log is the
new baseline.
 2011-06-20 13:55:44 -05:00
Jon Siwek
c1638d7172 Fix logging remote tests to use new policy script organization. 2011-06-20 13:49:30 -05:00
Jon Siwek
83ffca5a4a Fix logging rotation tests. 
By filtering the rotation output from Bro to weed out log streams
that the unit test didn't create (default logging streams).
 2011-06-20 13:37:04 -05:00
Jon Siwek
3f436cf419 Merge branch 'master' into topic/jsiwek/pybroccoli-fixes 2011-06-20 12:18:20 -05:00
Jon Siwek
9de6e9170c Cleaning up the script loading implementation. 
This change primarily improves the way Bro detects and prevents
the same script from being loaded twice.  It now compares inode
numbers instead of path names.
 2011-06-20 12:10:09 -05:00
Jon Siwek
0f6a6ddc28 Fix baseline for core.conn-id (now core.conn-uid) test. 
"conn-id.bro" was the name of a script in the policy/ directory that conn.bro
expected to @load, but when the unit test was also named "conn-id.bro",
it would be loaded twice during the test (once from conn.bro and once
as a command line argument to bro).  This means two event handlers were
registered in error and the baseline output contained duplicate lines
that can be removed.
 2011-06-20 10:11:44 -05:00
Seth Hall
f30a8a3e21 Merge remote branch 'origin/master' into topic/policy-scripts-new 2011-06-16 22:02:09 -04:00
Seth Hall
32425ba4b0 Merge branch 'topic/policy-scripts-new' of ssh://git.bro-ids.org/bro into topic/policy-scripts-new 2011-06-16 22:01:57 -04:00
Robin Sommer
ff7b92ffc8 Fixing bug with logging &optional records. 
Closes #476.
 2011-06-16 17:24:15 -07:00
Jon Siwek
7b7b15a18c Update istate.pybroccoli test. 
For changes made to broccoli-python repository in
commit dbc73389e3a8c17734815993626d83084eb93615
 2011-06-16 16:35:10 -05:00
Jon Siwek
4f15628146 Fix logging.ascii-empty & logging.ascii-options test failures. 
Logging to stdout for use in a baseline doesn't work well when
there may be scripts that get loaded by default (in this case,
packet-filter) and also do logging.  Instead just baseline against
the logs generated by the test in question.
 2011-06-16 15:23:47 -05:00
Seth Hall
8b9c1f1dcd Merge remote branch 'origin/topic/jsiwek/pybroccoli-fixes' into topic/policy-scripts-new 2011-06-16 16:04:00 -04:00
Jon Siwek
626c028f4f Merge branch 'master' into topic/policy-scripts-new 2011-06-16 13:29:58 -05:00
Jon Siwek
55c7c42eb7 Fix istate.events-ssl test failing because of expired cert. 
Replaced expired certificate w/ one that's valid for ~100 years.
 2011-06-15 16:34:33 -05:00
Jon Siwek
303dba6372 Coerce event handler record arguments to correct record type. 
This lets events be sent to bro that contain record arguments that
don't have to fill in all &optional record fields.

This corresponds to broccoli-python tests that were updated in
commit 8b87d8f61ef89162019cd4acc01be93700b0c588
 2011-06-15 13:56:37 -05:00
Jon Siwek
4f6690776c Update pybroccoli test. 
This corresponds to changes in the broccoli-python repository's
commit 5b843ecc02a5d04b281409a05cee3a947665cfd2
 2011-06-15 12:41:48 -05:00
Jon Siwek
b7e5d4169e Fix (py)broccoli unit tests being skipped on Mac. 2011-06-15 12:33:35 -05:00
Seth Hall
a8893052ac Added some HTTP tests. 
- Tests HTTP pipelining, MD5 summing and general HTTP handling.
- I checked over the baseline closely and it appears correct.
 2011-06-15 13:29:04 -04:00
Seth Hall
844afba017 Added Apple Mail to the software parsing tests. 2011-06-14 13:40:29 -04:00
Seth Hall
00f4751ada Merge remote branch 'origin/master' into topic/policy-scripts-new 2011-06-14 13:02:19 -04:00
Seth Hall
c6bf94f276 First commit of intelligence framework. 
- Data insertion and querying works.
- A few tests are implemented to show usage scenarios.
 2011-06-10 16:52:46 -04:00
Jon Siwek
b4d70a22db Fixed core.load-pkg test w/ diff canonifier instead 2011-06-10 15:07:32 -05:00
Jon Siwek
9e747a040d Revert "Fix core.load-pkg unit test." 
This reverts commit 80558a994a.
 2011-06-10 15:01:35 -05:00
Jon Siwek
cb89440593 Fix language.wrong-delete-field test by running through abs path canonifier 2011-06-10 14:56:49 -05:00
Jon Siwek
90196b4dc8 Fix bifs.unique_id-rnd test failing because of wc output formatting 2011-06-10 13:27:08 -05:00
Jon Siwek
13c90fc732 Fix core.conn-id test on some platforms. 
The output of some versions of `wc` (e.g. MacOS) seems to indent
their output while others don't, causing the baseline diff to fail.
So pipe to sed to get rid of spaces before diffing.
 2011-06-10 12:17:10 -05:00
Jon Siwek
80558a994a Fix core.load-pkg unit test. 
Removed the test's diff against baseline output that contained absolute
paths so that it will work across systems.  Also don't redirect anything
to stderr so that failure information shows up in btest diagnostic output.
 2011-06-10 11:53:51 -05:00
Seth Hall
57531e0769 Merge remote branch 'origin/master' into topic/policy-scripts-new 
Conflicts:
	policy/bro.init
	policy/ssl.bro
 2011-06-07 23:26:03 -04:00
Robin Sommer
8266709e20 A new bif unique_id(prefix) that returns a string that's unique across 
Bro instaces with high probablity.

"prefix" is a string that will be prepended to the returned ID.
 2011-06-07 17:57:22 -07:00
Seth Hall
fbf207deda Merge remote branch 'origin/master' into topic/policy-scripts-new 2011-06-03 07:38:28 -04:00
Robin Sommer
a236dd0d3d Fixing typo in test. 2011-06-02 22:07:36 -07:00
Robin Sommer
fac328685b @load now supports loading a directory. 
With a directory "foo" somewhere in BROPATH, "@load foo" now checks if
there's a file "foo/__load__.bro". If so, it reads that file in. (If
not, Bro reports the same error as before, complaining that it can't
read a directory).
 2011-06-02 21:57:24 -07:00
Robin Sommer
5c0704eec8 ASCII logger now escapes non-printable characters. 
Closes #450.
 2011-06-01 22:33:44 -07:00
Jon Siwek
f0143c3c5f Merge branch 'master' into topic/policy-scripts-new 2011-05-18 11:44:45 -05:00
Jon Siwek
73a18714b3 Fix reST markup generated for record redefs. 
They should have been using reST roles to xref the original record type
instead of a reST directive to declare a new type.
 2011-05-17 15:27:45 -05:00
Jon Siwek
d69c3edf21 Fixes for more doc mode corner cases caused by type cloning. 
"shallow" copying has to be done for any type that can contain
record types in order to accommodate record redefs that add fields.
 2011-05-17 15:03:40 -05:00
Jon Siwek
e608aae0ba Merge remote-tracking branch 'origin/master' into topic/policy-scripts-new 2011-05-16 13:59:02 -05:00
Jon Siwek
70e14cb7d5 Fix CommentedTypeDecl to track whether it's in a record like TypeDecl does. 2011-05-12 19:55:26 -05:00
Jon Siwek
68784634ff Fixing doc tests in the btest suite. 
- reduce number of docs generated by `make doc`; will add as they're reviewed

- Conforming to new Notice::Type enum for notices
 2011-05-12 11:21:20 -05:00