Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
18098 commits 387 branches 195 tags 255 MiB
Commit graph

18098 commits

This branch
This branch
All branches
Author SHA1 Message Date
Arne Welzel
3319615c65 btest/cluster/websocket: Move ZeroMQ test and use wstest.py 
Adapt the test to be the same as Broker, to have "expected" behavior.
 2025-04-23 14:27:43 +02:00
Arne Welzel
1191f6b66d btest/files: Introduce wstest.py 
This adds a minimal helper library for reusing some of the code to
test WebSocket client access to Zeek using Python.
 2025-04-23 14:27:43 +02:00
Arne Welzel
193350483e cluster/websocket: Special case broker backend for shim usage 
When Cluster::backend is configured with CLUSTER_BACKEND_BROKER, switch
WebSocketClients to CLUSTER_BACKEND_BROKER_WEBSOCKET_SHIM instead.

Instead of the special case, we could also add something to Backend
called NewWebSocketBackend(), but if it only affects broker, I think
the special case is okay for now.
 2025-04-23 14:27:43 +02:00
Arne Welzel
76c508f001 broker: Add WebSocketShim backend 
This adds a cluster backend implementation using broker's hub primitive
to connect WebSocket clients with the local broker endpoint for pub/sub
functionality.
 2025-04-23 14:27:43 +02:00
Arne Welzel
591e3400d4 broker/Manager: Add MakeHub() and ReleaseHub() 
These are used by WebSocket clients to create broker::hub instances
 2025-04-23 14:27:43 +02:00
Arne Welzel
c9d7418a23 Bump broker submodule 2025-04-23 14:27:43 +02:00
Arne Welzel
3d3b7a0759 cluster/Backend: Add ProcessError() 
Allow backends to pass errors to a strategy. Locally, these raise
Cluster::Backend::error() events that are logged to the reporter
as errors.
 2025-04-23 14:19:08 +02:00
Arne Welzel
fcc0f45c57 cluster/Backend: Rename EnqueueLocalEvent() to ProcessLocalEvent() 2025-04-23 14:19:08 +02:00
Arne Welzel
f8ef5addaa cluster/Backend: Rename HandleRemoteEvent() to ProcessEvent() 
...also add Backend::ProcessEvent() for backends to trigger event
processing without needing to use ProcessEventMessage().
 2025-04-23 14:19:08 +02:00
Arne Welzel
390a4fc1bb cluster/websocket: Fix websocket_client_added id value 2025-04-23 14:19:08 +02:00
Arne Welzel
6c44bfa3fb broker: Include log event identifier in stderr output 2025-04-23 14:19:08 +02:00
Arne Welzel
ba5dcb1d84 cluster/websocket: Debug output fixes 2025-04-23 14:19:08 +02:00
Tim Wojtulewicz
b8382a126c Update zeek-aux submodule [nomail] 2025-04-22 21:06:43 -07:00
zeek-bot
b42f9b49d3 Update doc submodule [nomail] [skip ci] 2025-04-23 00:14:55 +00:00
Tim Wojtulewicz
b8587c4fa9 Merge remote-tracking branch 'origin/topic/timw/upgrade-cares-to-1.34.5' 
* origin/topic/timw/upgrade-cares-to-1.34.5:
  Update c-ares to v1.34.5 and vcpkg to a version that includes it
 2025-04-22 08:44:37 -07:00
Christian Kreibich
ed161692dd Merge branch 'topic/christian/gh4318-track-broker-peerings' 
* topic/christian/gh4318-track-broker-peerings:
  Use Broker peering directionality when re-peering after backpressure overflows
  Expand Broker APIs to allow tracking directionality of peering establishment
 2025-04-21 17:21:03 -07:00
Christian Kreibich
549e678dff Use Broker peering directionality when re-peering after backpressure overflows 
This avoids creating pointless connection reattempts to ephemeral TCP
client-side ports, which have been cluttering up the Broker logs since 7.1.
 2025-04-21 14:08:42 -07:00
Christian Kreibich
b430d5235c Expand Broker APIs to allow tracking directionality of peering establishment 
This provides ways to figure out for a given peer, or a given address/port pair,
whether the local node originally established the peering.
 2025-04-21 14:08:42 -07:00
Tim Wojtulewicz
d59f6014b8 Update broker submodule [nomail] 2025-04-18 12:36:28 -07:00
Tim Wojtulewicz
ee64cf0863 Update c-ares to v1.34.5 and vcpkg to a version that includes it 2025-04-18 12:03:16 -07:00
Tim Wojtulewicz
953c039603 Merge remote-tracking branch 'origin/topic/timw/test-cmake-krb5-fixes' 
* origin/topic/timw/test-cmake-krb5-fixes:
  Use longer path when including krb5.h to match the cmake lookup
  Update cmake submodule for krb5 fixes [nomail]
 2025-04-18 11:36:26 -07:00
Tim Wojtulewicz
90f0fae7cc Use longer path when including krb5.h to match the cmake lookup 2025-04-18 11:35:54 -07:00
Tim Wojtulewicz
ce0a6931df Update cmake submodule for krb5 fixes [nomail] 2025-04-18 11:35:54 -07:00
Tim Wojtulewicz
b808967d1f Merge remote-tracking branch 'origin/topic/bbannier/bump-spicy' 
* origin/topic/bbannier/bump-spicy:
  Bump auxil/spicy to latest development snapshot
 2025-04-17 17:48:53 -07:00
Benjamin Bannier
5fea3eced6 Bump auxil/spicy to latest development snapshot 2025-04-17 20:30:10 +02:00
Tim Wojtulewicz
89d22f6133 Merge branch 'topic/timw/clang-tidy-iwyu-for-all-targets' 
* topic/timw/clang-tidy-iwyu-for-all-targets:
  Update src/3rdparty submodule to disable clang-format
  Disable linting for files generated by bison
  Make sure clang-tidy and iwyu are added to all targets
 2025-04-17 09:29:11 -07:00
Tim Wojtulewicz
94d742d314 Update src/3rdparty submodule to disable clang-format 2025-04-17 09:26:55 -07:00
Tim Wojtulewicz
7111d6a143 Disable linting for files generated by bison 
These files will report lots of findings in the code that we have no
control over.
 2025-04-17 09:26:55 -07:00
Tim Wojtulewicz
64e2fccc2b Make sure clang-tidy and iwyu are added to all targets 2025-04-17 09:26:55 -07:00
Tim Wojtulewicz
ce7ef3ce6a Merge remote-tracking branch 'origin/topic/timw/include-zeekjs-in-docs-by-default' 
* origin/topic/timw/include-zeekjs-in-docs-by-default:
  Add libnode-dev to docs github runner, update docs to include ZeekJS
 2025-04-17 08:59:41 -07:00
Tim Wojtulewicz
586a4fc4c5 Add libnode-dev to docs github runner, update docs to include ZeekJS 2025-04-17 08:58:54 -07:00
Arne Welzel
0cb5ec735a Merge remote-tracking branch 'origin/topic/awelzel/btest-no-bare-at-test' 
* origin/topic/awelzel/btest-no-bare-at-test:
  pre-commit: Ensure testing files have @TEST lines commented
  testing/btest/*js: Comment all @TEST lines
  testing/btest/*test: Comment all @TEST lines
  testing/btest/*evt: Comment all @TEST lines
  testing/btest/*zeek: Comment all @TEST lines
 2025-04-17 16:57:08 +02:00
Arne Welzel
dde478db6d pre-commit: Ensure testing files have @TEST lines commented 2025-04-17 16:30:23 +02:00
Arne Welzel
51f504b38f testing/btest/*js: Comment all @TEST lines 2025-04-17 16:30:23 +02:00
Arne Welzel
86249db2a3 testing/btest/*test: Comment all @TEST lines 2025-04-17 16:30:23 +02:00
Arne Welzel
6617da5bbd testing/btest/*evt: Comment all @TEST lines 2025-04-17 16:30:23 +02:00
Arne Welzel
85b8c8866b testing/btest/*zeek: Comment all @TEST lines 2025-04-17 16:30:23 +02:00
Arne Welzel
2f0be32f5f Merge branch 'topic/jgras/shutdown-session-clear' of https://github.com/J-Gras/zeek 
* 'topic/jgras/shutdown-session-clear' of https://github.com/J-Gras/zeek:
  Remove finish_run()
  Deprecate session manager's Done()
  Clear sessions when session manager is done
 2025-04-17 15:20:42 +02:00
Jan Grashoefer
7e2f33c9ee Remove finish_run() 2025-04-17 14:38:21 +02:00
Tim Wojtulewicz
9dc57225c8 Merge remote-tracking branch 'origin/topic/bbannier/ixwebsocket-warnings' 
* origin/topic/bbannier/ixwebsocket-warnings:
  Suppress warnings from compilation of external ixwebsocket dependency
 2025-04-16 15:41:05 -07:00
Tim Wojtulewicz
63837a44ed Update docs submodule [nomail] [skip ci] 2025-04-16 13:53:02 -07:00
Benjamin Bannier
d3d49727ee Suppress warnings from compilation of external ixwebsocket dependency 
Clang warns about declared but unused parameters somewhere in the guts of
IXWebSocket (internal code, not its headers). We are not interested in
this or similar warnings since we do not control this code, so suppress
all warnings for this target.
 2025-04-16 20:42:14 +02:00
Arne Welzel
a2a535d0c9 Merge remote-tracking branch 'origin/topic/awelzel/4275-ldap-gss-spnego-auth-miss' 
* origin/topic/awelzel/4275-ldap-gss-spnego-auth-miss:
  ldap: Clean up from code review
  ldap: Add Sicily Authentication constants
  ldap: Only switch into MS_KRB5 mode if responseToken exists
 2025-04-16 09:40:05 +02:00
zeek-bot
e24be6ba3f Update doc submodule [nomail] [skip ci] 2025-04-16 00:15:39 +00:00
Arne Welzel
b8e573a3b9 ldap: Clean up from code review 
Co-authored-by: Benjamin Bannier <benjamin.bannier@corelight.com>
 2025-04-15 20:10:56 +02:00
Arne Welzel
07bf7f8b18 ldap: Add Sicily Authentication constants 
The aduser1-ntlm.pcap contains bindRequest messages using Microsoft AD
specific Sicily Authentication [1]. Add the entries to the enum so we
don't log undefined for these and also check the NTLMSSP signature.

[1] https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/8b9dbfb2-5b6a-497a-a533-7e709cb9a982
 2025-04-15 20:10:56 +02:00
Arne Welzel
ff58be2f36 ldap: Only switch into MS_KRB5 mode if responseToken exists 
If the server doesn't include a responseToken within negTokenResp,
assume there won't be signing or sealing happening on the
connection. Don't switch into MS_KRB5 mode.

Closes #4275
 2025-04-15 20:10:52 +02:00
Jan Grashoefer
124f2a7d28 Deprecate session manager's Done() 2025-04-15 18:55:56 +02:00
Arne Welzel
ee5ebc1b2a Merge remote-tracking branch 'origin/topic/awelzel/bump-websocket-ixwewbsocket' 
* origin/topic/awelzel/bump-websocket-ixwewbsocket:
  IXWebSocket: Bump to latest upstream master
 2025-04-15 18:31:55 +02:00
Tim Wojtulewicz
4472d600e5 Merge remote-tracking branch 'origin/topic/timw/enable-krb5-on-not-linux' 
* origin/topic/timw/enable-krb5-on-not-linux:
  CI: Add krb5 to FreeBSD
  Switch libkrb5 check to exclude only Darwin
 2025-04-15 08:58:06 -07:00