Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 00:58:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
3420 commits 387 branches 195 tags 259 MiB
Commit graph

962 commits

Author SHA1 Message Date
Bernhard Amann
2ad67643c0 make sqlite3 executable required and add test-cases for errors 
logging: table does not contain all required columns (when extending
data structures)

input: table does not contain all required columns (when extending
data structure), wrong sql statement
 2013-05-14 22:09:46 -07:00
Bernhard Amann
8f7619971f fix bug in input-manager regarding enums that a writer reads without 
0-terminating the string
 2013-05-13 20:26:41 -07:00
Bernhard Amann
6c99df508c actually make sqlite work again (tests passed because the writer 
was not actually defined because of the define.)
 2013-05-13 19:27:11 -07:00
Bernhard Amann
6392acecd2 fix warnings, update baselines, handle rotation 2013-05-12 20:48:17 -07:00
Bernhard Amann
747ba68030 Merge remote branch 'origin/master' into topic/bernhard/sqlite 2013-05-12 20:47:55 -07:00
Jon Siwek
6a7a242db9 Table lookups return copy of non-const &default vals (addresses #981). 
This prevents unintentional modifications to the &default value itself.
 2013-05-03 11:22:15 -05:00
Robin Sommer
8992dc6cff Merge remote-tracking branch 'origin/topic/bernhard/metrics-bug' 
* origin/topic/bernhard/metrics-bug:
  add comment for seth to make us not forget about the copy statements
  fix the fix (thanks seth)
  duct-tape fix of values not propagating after intermediate check in cluster environments.
  Fixing coverage.bare-mode-errors test.
 2013-05-02 12:47:36 -07:00
Bernhard Amann
d984243a77 duct-tape fix of values not propagating after intermediate check in cluster environments. 2013-05-02 11:34:33 -07:00
Robin Sommer
1603da5af3 Always apply tcp_connection_attempt. 
Before this change it was only applied when a connection_attempt()
event handler was defined.
 2013-05-01 18:03:52 -07:00
Robin Sommer
9d483b7e74 Fixing coverage.bare-mode-errors test. 2013-05-01 17:52:16 -07:00
Robin Sommer
9ea5a470e6 Fixing coverage.bare-mode-errors test. 2013-05-01 15:28:45 -07:00
Robin Sommer
7f0e25bdef Replacing cluster leak test. 
The former one used the old metrics framework, now switching to
sumstats.
 2013-04-29 21:14:11 -07:00
Bernhard Amann
b968103c92 Merge remote-tracking branch 'origin/master' into topic/bernhard/sqlite 2013-04-28 22:06:34 -07:00
Robin Sommer
c1f08cc435 Updating test for removed metric_* log fields. 2013-04-28 15:36:49 -07:00
Robin Sommer
1e40a2f88c Merge remote-tracking branch 'origin/topic/seth/metrics-merge' 
* origin/topic/seth/metrics-merge: (70 commits)
  Added protocol to the traceroute detection script.
  Added an automatic state limiter for threshold based SumStats.
  Removed some dead code in scan.bro
  Renamed a plugin hook in sumstats framework.
  Move loading variance back to where it should be alphabetically.
  Fix a bug with path building in FTP.  Came up when changing the path utils.
  Fix a few tests.
  SumStats test checkpoint.
  SumStats tests pass.
  Checkpoint for SumStats rename.
  Fix another occasional reporter error.
  Small updates to hopefully correct reporter errors leading to lost memory.
  Trying to fix a state maintenance issue.
  Updating DocSourcesList
  Updated FTP bruteforce detection and a few other small changes.
  Test updates and cleanup.
  Fixed the measurement "sample" plugin.
  Fix path compression to include removing "/./".
  Removed the example metrics scripts. Better real world examples exist now.
  Measurement framework is ready for testing.
  ...
 2013-04-28 13:21:46 -07:00
Seth Hall
4bddcd2379 Fixed a bug in the vulnerable software script and added a test. 2013-04-25 14:56:14 -04:00
Robin Sommer
e986247ff2 Merge remote-tracking branch 'origin/topic/jsiwek/974' 
Closes #974.

* origin/topic/jsiwek/974:
  Fix schedule statements used outside event handlers (addresses #974).
 2013-04-23 20:38:21 -07:00
Robin Sommer
f6f00924fc Merge remote-tracking branch 'origin/topic/jsiwek/973' 
Closes #973.

* origin/topic/jsiwek/973:
  Fix record coercion for default inner record fields (addresses #973).
 2013-04-23 20:37:08 -07:00
Robin Sommer
71591d706e Small tweaks for bytestring_to_count(). 
Closes #968.
 2013-04-23 20:32:57 -07:00
Yun Zheng Hu
3fff71b37a Add bytestring_to_count function to bro.bif 2013-04-23 20:18:38 -07:00
Jon Siwek
7069f679c3 Fix record coercion for default inner record fields (addresses #973). 2013-04-23 09:57:55 -05:00
Seth Hall
60605412ab Fix a few tests. 2013-04-22 14:14:50 -04:00
Jon Siwek
fa30d4a313 Fix schedule statements used outside event handlers (addresses #974). 2013-04-22 13:00:44 -05:00
Seth Hall
1cac89e4f8 SumStats test checkpoint. 2013-04-16 00:54:41 -04:00
Seth Hall
437815454d SumStats tests pass. 2013-04-15 15:28:11 -04:00
Seth Hall
fbe967e16a Checkpoint for SumStats rename. 2013-04-15 15:12:28 -04:00
Seth Hall
e8b60d1ba8 Updated FTP bruteforce detection and a few other small changes. 2013-04-02 00:55:25 -04:00
Seth Hall
423bf3b3bf Test updates and cleanup. 2013-04-02 00:30:14 -04:00
Seth Hall
0e3c84e863 Fixed the measurement "sample" plugin. 2013-04-02 00:19:06 -04:00
Seth Hall
93eca70e6b Merge remote-tracking branch 'origin/master' into topic/seth/metrics-merge 2013-04-01 14:16:46 -04:00
Seth Hall
53f9948b02 Measurement framework tests all pass now. 2013-04-01 14:16:37 -04:00
Yun Zheng Hu
9a88dc500a Added reverse() function to strings.bif. 
Closes #969.
 2013-03-23 08:39:04 -07:00
Robin Sommer
4255205026 Merge remote-tracking branch 'origin/topic/jsiwek/table-init-record-idx' 
Closes #660.

* origin/topic/jsiwek/table-init-record-idx:
  Fix record constructors in table initializer indices.  Addresses #660.
 2013-03-22 12:11:29 -07:00
Seth Hall
4e99d3a606 Add support for 802.1ah (Q-in-Q). 2013-03-22 12:38:43 -04:00
Robin Sommer
f412a00ada Adding a test for extract-certs-pem.pem. 2013-03-17 13:06:24 -07:00
Robin Sommer
d58a02aa01 Merge remote-tracking branch 'origin/topic/bernhard/base64' 
* origin/topic/bernhard/base64:
  and re-enable caching of extracted certs
  and add bae64 bif tests.
  re-unify classes
  and modernize script.
  add base64-encode functionality and bif.

Closes #965.
 2013-03-17 13:00:52 -07:00
Seth Hall
5734f9ef71 Merge remote-tracking branch 'origin/master' into topic/seth/software-version-updates2 2013-03-14 09:21:13 -04:00
Seth Hall
09cbaa7ccc Merge remote-tracking branch 'origin/master' into topic/seth/metrics-merge 
Conflicts:
	testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
	testing/btest/Baseline/scripts.base.frameworks.notice.cluster/manager-1.notice.log
	testing/btest/Baseline/scripts.base.frameworks.notice.suppression-cluster/manager-1.notice.log
	testing/btest/Baseline/scripts.base.protocols.ftp.gridftp/notice.log
 2013-03-13 00:26:55 -04:00
Bernhard Amann
a5161783ef and add bae64 bif tests. 2013-03-12 09:33:49 -07:00
Bernhard Amann
fdc8de7596 add sqlite tests and fix small vector/set escaping bugs 2013-03-11 14:22:35 -07:00
Bernhard Amann
8cb91de93a Merge remote-tracking branch 'origin/master' into topic/bernhard/sqlite 
Conflicts:
	src/threading/AsciiFormatter.cc
 2013-03-11 11:47:10 -07:00
Bernhard Amann
1fb05da9cd Fix race-condition in table-event test. 
Event depended on the input manager receiving all lines from the reader
before the first input event was processed by the scripting layer.
 2013-03-07 20:28:18 -08:00
Robin Sommer
f830ed3edf s/bro-ids.org/bro.org/g 2013-03-07 19:33:04 -08:00
Jon Siwek
2293443ea0 Fix function type-equivalence requiring same param names, addresses #957 2013-03-07 13:02:33 -06:00
Robin Sommer
8a6d68e00f Merge remote-tracking branch 'origin/topic/bernhard/remove-length' 
Closes #955.

* origin/topic/bernhard/remove-length:
  forgot to remove the baselines for the now unnecessary bifs
  remove the byte_len and length bifs
 2013-03-06 16:46:20 -08:00
Robin Sommer
1bd2f26df3 Merge remote-tracking branch 'origin/topic/seth/notice-framework-updates' 
So much nicer!

Closes #954.

* origin/topic/seth/notice-framework-updates:
  Update notice framework documentation to represent the new reality.
  Complete removal of the old table based notice policy mechanism.
  Updates for the notices framework.
 2013-03-06 16:45:30 -08:00
Robin Sommer
9f99a4a942 Merge remote-tracking branch 'origin/topic/jsiwek/local-container-init' 
Closes #952.

* origin/topic/jsiwek/local-container-init:
  Fix init of local sets/vectors via curly brace initializer lists.
 2013-03-06 15:11:10 -08:00
Robin Sommer
d931079021 Merge remote-tracking branch 'origin/topic/jsiwek/ticket946' 
Closes #946.

* origin/topic/jsiwek/ticket946:
  Fix memory leaks resulting from 'when' and 'return when' statements.
  Fix three bugs with 'when' and 'return when' statements. Addresses #946
 2013-03-06 15:09:24 -08:00
Bernhard Amann
a005d77369 forgot to remove the baselines for the now unnecessary bifs 2013-03-06 14:14:55 -08:00
Bernhard Amann
986b346e3f remove the byte_len and length bifs 2013-03-06 13:45:42 -08:00