Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 02:28:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
17477 commits 388 branches 195 tags 268 MiB
Commit graph

17477 commits

This branch
This branch
All branches
Author SHA1 Message Date
Vern Paxson
0ca2f9a8b2 speedups for compilation of initializers in -O gen-C++ generated code 2024-08-13 14:43:17 -07:00
Vern Paxson
6daf9d5b88 fixes for -O gen-C++ generation of floating point constants 2024-08-13 14:42:25 -07:00
Vern Paxson
a93a69ba62 -O gen-C++ fix for dealing with use of more than one module qualifier 2024-08-13 14:41:51 -07:00
Vern Paxson
77c34787f3 header tweaks to provide gen-C++ script optimization with more flexibility 2024-08-13 14:37:06 -07:00
Vern Paxson
5a3b519fb4 fix for script optimization of constants of type "opaque" 2024-08-13 14:33:00 -07:00
Vern Paxson
03347e235b fix for script optimization of "in" operations 2024-08-13 14:32:23 -07:00
Vern Paxson
769a3d958a some minor tidying of -O gen-C++ sources 2024-08-13 14:29:26 -07:00
Arne Welzel
a4c79e7304 mysql: Remove auth plugin state 
Now that we use CONNECTION_PHASE and interpret AuthSwitchRequest
correctly, we can remove reliance on the plugin discrepancy to
determine expectations.
 2024-08-13 22:06:36 +02:00
Arne Welzel
b1c63ae4e0 mysql: Handle server connection phase separately from command phase 
This avoids interpreting an AuthSwitchRequest (0xfe) during the command
phase as EOF_Packet.

Thanks @AmazingPP.

Closes #3880
 2024-08-13 22:06:25 +02:00
Johanna Amann
1fe6a02169 Make ssl_history work for SSLv2 handshakes/connections 
It turns out that the ssl_history field never was populated with C/S for
SSLv2 connections, or connections using the SSLv2 handshake. In our
testcases, the latter is especially common - with connections up to TLS1
using the old SSLv2 client hello for backwards compatibility.

This change resolves this issue. As the history is not by default
enabled in a lot of locations, baseline impact is minor.
 2024-08-13 18:03:06 +01:00
Johanna Amann
84c4d53a4e Spicy TLS - full test suite pass 
With this commit, the entire Zeek test suite passes using spicy TLS.
Tests that either use a SSLv2 handshake, or DTLS are skipped, as the
parser currently does not support either.

Similarly, tests that rely on behavior we cannot replicate (baseline,
hooks, exact error messages) are passed. Other than that, all the
TLS-based tests pass with 100% the exact same baseline results.

This necessitated a couple of small tweaks to the spicy file - the
testcases uncovered several small problems.

This commit also enables cirrus tests for Spicy SSL/TLS.
 2024-08-13 14:41:37 +01:00
Arne Welzel
44a3ed676b Merge remote-tracking branch 'jgras/topic/jgras/packet-analyzer-history-rework' 
* jgras/topic/jgras/packet-analyzer-history-rework:
  Deprecate old unknown_protocol event signature
  Use raw pointer for packet analyzer history
  Update external baselines for analyzer history
  Update btest baselines for analyzer history
  Add packet analyzer history
 2024-08-13 12:37:41 +02:00
Johanna Amann
1e282989fe Merge remote-tracking branch 'origin/master' into topic/johanna/spicy-tls 
* origin/master: (93 commits)
  spicyz: Add back message about removed support for port / ports in evt
  rule-parse: Remove id_to_str() lookup to squelch coverity warning
  Update doc submodule [nomail] [skip ci]
  Update zeekctl submodule [nomail]
  btest: Skip core.script-args under TSAN
  Update doc submodule [nomail] [skip ci]
  Update zeekctl submodule
  Add note to NEWS about the removal of OpaqueVal::DoSerialize and OpaqueVal::DoUnserialize
  Remove deprecated port/ports fields for spicy analyzers
  Remove deprecated Cluster::Node::interface field
  Remove deprecated signature definition format
  Return an error if GLOBAL:: prefix is used
  Remove deprecated BloomFilter serialization methods
  Remove deprecated OpaqueVal serialization methods
  Remove deprecated DECLARE_OPAQUE_VALUE macro
  Make TypePtr::Capture member variables private
  Remove deprecated Trigger constructor
  Remove deprecated Controller::auto_assign_ports and Controller::auto_assign_start_port
  Remove deprecated load-balacing policy script
  Remove deprecated prometheus telemetry policy script
  ...
 2024-08-13 10:37:52 +01:00
Jan Grashoefer
e14f3bae70 Deprecate old unknown_protocol event signature 2024-08-12 21:44:02 +02:00
Jan Grashoefer
c73fcdec3d Use raw pointer for packet analyzer history 2024-08-12 16:08:18 +02:00
Jan Grashoefer
b4e83aca8c Update external baselines for analyzer history 2024-08-12 12:21:09 +02:00
Jan Grashoefer
f18c28cfe5 Update btest baselines for analyzer history 2024-08-12 12:21:09 +02:00
Jan Grashoefer
29bc84e1d6 Add packet analyzer history 2024-08-12 12:21:00 +02:00
Arne Welzel
f943366e8e Merge remote-tracking branch 'origin/topic/awelzel/spicyz-add-back-port-ports-message' 
* origin/topic/awelzel/spicyz-add-back-port-ports-message:
  spicyz: Add back message about removed support for port / ports in evt
 2024-08-12 11:07:40 +02:00
Arne Welzel
a5aadc11db spicyz: Add back message about removed support for port / ports in evt 
spicy-dhcp, spicy-http and spicy-dns all have this still in their .evt files,
so it seems popular. Be more helpful than "unexpected token" to users.
 2024-08-12 09:45:56 +02:00
Arne Welzel
32cbe953ba Merge remote-tracking branch 'origin/topic/awelzel/rule-parse-fix-coverity-leak' 
* origin/topic/awelzel/rule-parse-fix-coverity-leak:
  rule-parse: Remove id_to_str() lookup to squelch coverity warning
 2024-08-09 20:57:40 +02:00
Arne Welzel
fa9dc159a2 rule-parse: Remove id_to_str() lookup to squelch coverity warning 
Coverity didn't like that id_to_str() allocates memory and we didn't
free it. Remote its usage wholesale.
 2024-08-09 09:49:43 +02:00
zeek-bot
371dcdc94e Update doc submodule [nomail] [skip ci] 2024-08-09 00:10:26 +00:00
Arne Welzel
159f40a4bf Merge remote-tracking branch 'upstream/topic/awelzel/3774-skip-script-args-test-under-tsan' 
* upstream/topic/awelzel/3774-skip-script-args-test-under-tsan:
  btest: Skip core.script-args under TSAN
 2024-08-08 18:53:23 +02:00
Tim Wojtulewicz
4298fe16ca Update zeekctl submodule [nomail] 2024-08-08 09:44:07 -07:00
Arne Welzel
3e6511af41 btest: Skip core.script-args under TSAN 
TSAN may re-execute the executable when the memory layout doesn't
fullfill requirements, causing argument confusion when that happens.

Closes #3774.
 2024-08-08 15:32:20 +02:00
Arne Welzel
39a9b64219 Merge remote-tracking branch 'origin/topic/timw/remove-cluster-interface-field-zeekctl' 
* origin/topic/timw/remove-cluster-interface-field-zeekctl:
  Update zeekctl submodule
 2024-08-08 10:44:51 +02:00
zeek-bot
80cf06cb79 Update doc submodule [nomail] [skip ci] 2024-08-08 00:23:28 +00:00
Tim Wojtulewicz
bd611945e5 Update zeekctl submodule 2024-08-07 16:03:12 -07:00
Tim Wojtulewicz
c56c7af44e Add note to NEWS about the removal of OpaqueVal::DoSerialize and OpaqueVal::DoUnserialize 2024-08-07 12:27:56 -07:00
Tim Wojtulewicz
6041f74601 Merge remote-tracking branch 'origin/topic/timw/7.1-deprecation-removal' 
* origin/topic/timw/7.1-deprecation-removal:
  Remove deprecated port/ports fields for spicy analyzers
  Remove deprecated Cluster::Node::interface field
  Remove deprecated signature definition format
  Return an error if GLOBAL:: prefix is used
  Remove deprecated BloomFilter serialization methods
  Remove deprecated OpaqueVal serialization methods
  Remove deprecated DECLARE_OPAQUE_VALUE macro
  Make TypePtr::Capture member variables private
  Remove deprecated Trigger constructor
  Remove deprecated Controller::auto_assign_ports and Controller::auto_assign_start_port
  Remove deprecated load-balacing policy script
  Remove deprecated prometheus telemetry policy script
  Remove deprecated policy/tuning/default package
  Remove deprecated time machine settings
  Remove deprecated json NullDoubleWriter class
  Remove deprecated modbus event definitions
  Remove Connection::AppendAddl
  Remove STMT_ANY statement type
  Remove EventRegistry::Used and EventRegistry::SetUsed
 2024-08-07 12:20:44 -07:00
Tim Wojtulewicz
15d404dd19 Remove deprecated port/ports fields for spicy analyzers 2024-08-07 11:58:22 -07:00
Tim Wojtulewicz
4e9d843cec Remove deprecated Cluster::Node::interface field 2024-08-07 11:58:22 -07:00
Tim Wojtulewicz
9142a48725 Remove deprecated signature definition format 2024-08-07 11:58:22 -07:00
Tim Wojtulewicz
2d68b1d834 Return an error if GLOBAL:: prefix is used 2024-08-07 11:58:22 -07:00
Tim Wojtulewicz
ca69d9fb8f Remove deprecated BloomFilter serialization methods 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
dd982ee6c4 Remove deprecated OpaqueVal serialization methods 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
cbe612400c Remove deprecated DECLARE_OPAQUE_VALUE macro 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
260a8afebe Make TypePtr::Capture member variables private 
The public versions were marked as deprecated for 7.0, and accessors
should be used to manage them now.
 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
a53cc4d01b Remove deprecated Trigger constructor 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
535df5e263 Remove deprecated Controller::auto_assign_ports and Controller::auto_assign_start_port 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
7a5b29ea81 Remove deprecated load-balacing policy script 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
1d0f01d6bc Remove deprecated prometheus telemetry policy script 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
85b4dc773e Remove deprecated policy/tuning/default package 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
a716903f3a Remove deprecated time machine settings 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
aba1f431cf Remove deprecated json NullDoubleWriter class 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
401a074036 Remove deprecated modbus event definitions 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
6bb00f9e01 Remove Connection::AppendAddl 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
1d4bd2c70a Remove STMT_ANY statement type 2024-08-07 11:58:21 -07:00
Tim Wojtulewicz
e2b03681d1 Remove EventRegistry::Used and EventRegistry::SetUsed 2024-08-07 11:58:21 -07:00