Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
18138 commits 387 branches 195 tags 255 MiB
Commit graph

18138 commits

This branch
This branch
All branches
Author SHA1 Message Date
Arne Welzel
ba5dcb1d84 cluster/websocket: Debug output fixes 2025-04-23 14:19:08 +02:00
Robin Sommer
e6700670fb
Bump Spicy. 2025-04-23 12:24:10 +02:00
Tim Wojtulewicz
b8382a126c Update zeek-aux submodule [nomail] 2025-04-22 21:06:43 -07:00
zeek-bot
b42f9b49d3 Update doc submodule [nomail] [skip ci] 2025-04-23 00:14:55 +00:00
Tim Wojtulewicz
b8587c4fa9 Merge remote-tracking branch 'origin/topic/timw/upgrade-cares-to-1.34.5' 
* origin/topic/timw/upgrade-cares-to-1.34.5:
  Update c-ares to v1.34.5 and vcpkg to a version that includes it
 2025-04-22 08:44:37 -07:00
Christian Kreibich
ed161692dd Merge branch 'topic/christian/gh4318-track-broker-peerings' 
* topic/christian/gh4318-track-broker-peerings:
  Use Broker peering directionality when re-peering after backpressure overflows
  Expand Broker APIs to allow tracking directionality of peering establishment
 2025-04-21 17:21:03 -07:00
Christian Kreibich
549e678dff Use Broker peering directionality when re-peering after backpressure overflows 
This avoids creating pointless connection reattempts to ephemeral TCP
client-side ports, which have been cluttering up the Broker logs since 7.1.
 2025-04-21 14:08:42 -07:00
Christian Kreibich
b430d5235c Expand Broker APIs to allow tracking directionality of peering establishment 
This provides ways to figure out for a given peer, or a given address/port pair,
whether the local node originally established the peering.
 2025-04-21 14:08:42 -07:00
Tim Wojtulewicz
d59f6014b8 Update broker submodule [nomail] 2025-04-18 12:36:28 -07:00
Tim Wojtulewicz
ee64cf0863 Update c-ares to v1.34.5 and vcpkg to a version that includes it 2025-04-18 12:03:16 -07:00
Tim Wojtulewicz
953c039603 Merge remote-tracking branch 'origin/topic/timw/test-cmake-krb5-fixes' 
* origin/topic/timw/test-cmake-krb5-fixes:
  Use longer path when including krb5.h to match the cmake lookup
  Update cmake submodule for krb5 fixes [nomail]
 2025-04-18 11:36:26 -07:00
Tim Wojtulewicz
90f0fae7cc Use longer path when including krb5.h to match the cmake lookup 2025-04-18 11:35:54 -07:00
Tim Wojtulewicz
ce0a6931df Update cmake submodule for krb5 fixes [nomail] 2025-04-18 11:35:54 -07:00
Tim Wojtulewicz
b808967d1f Merge remote-tracking branch 'origin/topic/bbannier/bump-spicy' 
* origin/topic/bbannier/bump-spicy:
  Bump auxil/spicy to latest development snapshot
 2025-04-17 17:48:53 -07:00
Benjamin Bannier
5fea3eced6 Bump auxil/spicy to latest development snapshot 2025-04-17 20:30:10 +02:00
Tim Wojtulewicz
89d22f6133 Merge branch 'topic/timw/clang-tidy-iwyu-for-all-targets' 
* topic/timw/clang-tidy-iwyu-for-all-targets:
  Update src/3rdparty submodule to disable clang-format
  Disable linting for files generated by bison
  Make sure clang-tidy and iwyu are added to all targets
 2025-04-17 09:29:11 -07:00
Tim Wojtulewicz
94d742d314 Update src/3rdparty submodule to disable clang-format 2025-04-17 09:26:55 -07:00
Tim Wojtulewicz
7111d6a143 Disable linting for files generated by bison 
These files will report lots of findings in the code that we have no
control over.
 2025-04-17 09:26:55 -07:00
Tim Wojtulewicz
64e2fccc2b Make sure clang-tidy and iwyu are added to all targets 2025-04-17 09:26:55 -07:00
Tim Wojtulewicz
ce7ef3ce6a Merge remote-tracking branch 'origin/topic/timw/include-zeekjs-in-docs-by-default' 
* origin/topic/timw/include-zeekjs-in-docs-by-default:
  Add libnode-dev to docs github runner, update docs to include ZeekJS
 2025-04-17 08:59:41 -07:00
Tim Wojtulewicz
586a4fc4c5 Add libnode-dev to docs github runner, update docs to include ZeekJS 2025-04-17 08:58:54 -07:00
Arne Welzel
0cb5ec735a Merge remote-tracking branch 'origin/topic/awelzel/btest-no-bare-at-test' 
* origin/topic/awelzel/btest-no-bare-at-test:
  pre-commit: Ensure testing files have @TEST lines commented
  testing/btest/*js: Comment all @TEST lines
  testing/btest/*test: Comment all @TEST lines
  testing/btest/*evt: Comment all @TEST lines
  testing/btest/*zeek: Comment all @TEST lines
 2025-04-17 16:57:08 +02:00
Arne Welzel
dde478db6d pre-commit: Ensure testing files have @TEST lines commented 2025-04-17 16:30:23 +02:00
Arne Welzel
51f504b38f testing/btest/*js: Comment all @TEST lines 2025-04-17 16:30:23 +02:00
Arne Welzel
86249db2a3 testing/btest/*test: Comment all @TEST lines 2025-04-17 16:30:23 +02:00
Arne Welzel
6617da5bbd testing/btest/*evt: Comment all @TEST lines 2025-04-17 16:30:23 +02:00
Arne Welzel
85b8c8866b testing/btest/*zeek: Comment all @TEST lines 2025-04-17 16:30:23 +02:00
Arne Welzel
2f0be32f5f Merge branch 'topic/jgras/shutdown-session-clear' of https://github.com/J-Gras/zeek 
* 'topic/jgras/shutdown-session-clear' of https://github.com/J-Gras/zeek:
  Remove finish_run()
  Deprecate session manager's Done()
  Clear sessions when session manager is done
 2025-04-17 15:20:42 +02:00
Jan Grashoefer
7e2f33c9ee Remove finish_run() 2025-04-17 14:38:21 +02:00
Tim Wojtulewicz
9dc57225c8 Merge remote-tracking branch 'origin/topic/bbannier/ixwebsocket-warnings' 
* origin/topic/bbannier/ixwebsocket-warnings:
  Suppress warnings from compilation of external ixwebsocket dependency
 2025-04-16 15:41:05 -07:00
Tim Wojtulewicz
63837a44ed Update docs submodule [nomail] [skip ci] 2025-04-16 13:53:02 -07:00
Benjamin Bannier
d3d49727ee Suppress warnings from compilation of external ixwebsocket dependency 
Clang warns about declared but unused parameters somewhere in the guts of
IXWebSocket (internal code, not its headers). We are not interested in
this or similar warnings since we do not control this code, so suppress
all warnings for this target.
 2025-04-16 20:42:14 +02:00
Arne Welzel
a2a535d0c9 Merge remote-tracking branch 'origin/topic/awelzel/4275-ldap-gss-spnego-auth-miss' 
* origin/topic/awelzel/4275-ldap-gss-spnego-auth-miss:
  ldap: Clean up from code review
  ldap: Add Sicily Authentication constants
  ldap: Only switch into MS_KRB5 mode if responseToken exists
 2025-04-16 09:40:05 +02:00
zeek-bot
e24be6ba3f Update doc submodule [nomail] [skip ci] 2025-04-16 00:15:39 +00:00
Arne Welzel
b8e573a3b9 ldap: Clean up from code review 
Co-authored-by: Benjamin Bannier <benjamin.bannier@corelight.com>
 2025-04-15 20:10:56 +02:00
Arne Welzel
07bf7f8b18 ldap: Add Sicily Authentication constants 
The aduser1-ntlm.pcap contains bindRequest messages using Microsoft AD
specific Sicily Authentication [1]. Add the entries to the enum so we
don't log undefined for these and also check the NTLMSSP signature.

[1] https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/8b9dbfb2-5b6a-497a-a533-7e709cb9a982
 2025-04-15 20:10:56 +02:00
Arne Welzel
ff58be2f36 ldap: Only switch into MS_KRB5 mode if responseToken exists 
If the server doesn't include a responseToken within negTokenResp,
assume there won't be signing or sealing happening on the
connection. Don't switch into MS_KRB5 mode.

Closes #4275
 2025-04-15 20:10:52 +02:00
Jan Grashoefer
124f2a7d28 Deprecate session manager's Done() 2025-04-15 18:55:56 +02:00
Arne Welzel
ee5ebc1b2a Merge remote-tracking branch 'origin/topic/awelzel/bump-websocket-ixwewbsocket' 
* origin/topic/awelzel/bump-websocket-ixwewbsocket:
  IXWebSocket: Bump to latest upstream master
 2025-04-15 18:31:55 +02:00
Tim Wojtulewicz
4472d600e5 Merge remote-tracking branch 'origin/topic/timw/enable-krb5-on-not-linux' 
* origin/topic/timw/enable-krb5-on-not-linux:
  CI: Add krb5 to FreeBSD
  Switch libkrb5 check to exclude only Darwin
 2025-04-15 08:58:06 -07:00
Jan Grashoefer
013dc2010f Clear sessions when session manager is done 
It looks like there is no reason to keep sessions in the map beyond the
point where the session manager is considered done. This hopefully
simplifies the shutdown control flow a tiny bit.
 2025-04-15 14:23:03 +02:00
zeek-bot
349fdccfb3 Update doc submodule [nomail] [skip ci] 2025-04-15 00:26:29 +00:00
Tim Wojtulewicz
22a8c35734 CI: Add krb5 to FreeBSD 2025-04-14 15:15:05 -07:00
Tim Wojtulewicz
2f48229f28 Switch libkrb5 check to exclude only Darwin 2025-04-14 14:58:08 -07:00
Tim Wojtulewicz
6ecb8f0f5f Merge remote-tracking branch 'origin/topic/timw/storage-serialization' 
* origin/topic/timw/storage-serialization:
  Add STORAGE_ prefixes for backends and serializers
  Add versioning to JSON serializer
  Remove unnecessary includes in Val.h
  Move byte_buffer types from cluster and storage into util
  Remove unnecessary <array> and <memory> includes from util.h
  Mark storage classes as final where appropriate
  Add JSON storage serializer, use with existing backends/tests
  Make ValFromJSON return zeek::expected instead of a variant
  Ground work for pluggable storage serializers
 2025-04-14 10:12:29 -07:00
Tim Wojtulewicz
cb1ef47a31 Add STORAGE_ prefixes for backends and serializers 2025-04-14 10:11:13 -07:00
Tim Wojtulewicz
9593db1974 Add versioning to JSON serializer 2025-04-14 10:11:13 -07:00
Tim Wojtulewicz
dbb3144e2d Remove unnecessary includes in Val.h 2025-04-14 10:11:13 -07:00
Tim Wojtulewicz
1169fcf2a2 Move byte_buffer types from cluster and storage into util 2025-04-14 10:11:13 -07:00
Tim Wojtulewicz
40b75cb809 Remove unnecessary <array> and <memory> includes from util.h 2025-04-14 10:11:13 -07:00