Commit graph

7932 commits

Author SHA1 Message Date
Vern Paxson
81c63a0c65 test case for v += e 2018-07-26 12:37:06 -07:00
Vern Paxson
016a164bb6 documentation of v += e 2018-07-26 12:29:50 -07:00
Vern Paxson
dfe0768fa1 v += e implemented 2018-07-26 12:18:31 -07:00
Jon Siwek
2502e48a01 Updating submodule(s).
[nomail]
2018-07-25 15:10:15 -05:00
Jeffrey Bencteux
1bee7277e0 fix NTLM NegotiateFlags field offsets
Wrong offsets were used for the NegotiateFlags field of the
NEGOTIATE_MESSAGE, CHALLENGE_MESSAGE and AUTHENTICATE_MESSAGE. See
[MS-NLMP].pdf section 2.2.2.5 for a definition of that field.
2018-07-25 13:27:11 +02:00
Jon Siwek
4a97421ef3 Updating submodule(s).
[nomail]
2018-07-24 16:52:58 -05:00
Jon Siwek
026f78e5a3 Add broker/binpac/caf dirs to bro-config script 2018-07-24 16:46:59 -05:00
Jon Siwek
3ed59249ba Exclude CMakeFiles from header installation path 2018-07-24 16:38:30 -05:00
Zhongjie Wang
e31563069b Added missing tcp-state for signature dpd_rfb_server 2018-07-24 14:07:12 -07:00
Chung Min Kim
4ca4b05043 Refactoring, making error messages nicer, & lcov
Directory name for bro core coverage changed to "coverage", error
messages made nicer. Use `make html` in testing/coverage to create
logs in HTML format when lcov exists on the system.
2018-07-24 13:19:14 -07:00
Robin Sommer
8ac17d99a1 Merge remote-tracking branch 'origin/topic/jsiwek/bit-1950'
BIT-1950 #merged

* origin/topic/jsiwek/bit-1950:
  BIT-1950: support PPPoE over QinQ
2018-07-24 15:05:48 +00:00
Robin Sommer
d62079b59a Updating submodule(s).
[nomail]
2018-07-24 02:43:06 +00:00
Robin Sommer
566c50447f Merge remote-tracking branch 'origin/topic/jsiwek/source-tree-independence'
BIT-1955 #merged

* origin/topic/jsiwek/source-tree-independence:
  Support building plugins from Bro installation root
  Install binpac
  Move bifcl to a separate repo
2018-07-24 01:58:58 +00:00
Robin Sommer
0f74e1eedd Add serialization group to clustered config framework tests. 2018-07-24 01:39:39 +00:00
Robin Sommer
f4cd567f84 Merge remote-tracking branch 'origin/topic/johanna/config-cluster'
BIT-1958 #merged

* origin/topic/johanna/config-cluster:
  Add vector to read_config_cluster test.
  Fix special-case-bug for vectors in UnaryExpr.
  Config: another cluster test-case, this time reading in a file.
  Add sending of values to nodes that dropped out.
  Continue work on config framework clusterization.
  Teach Option::set to unwrap Broker::Data values
  Start clusterizing configuration framework.
2018-07-24 01:36:59 +00:00
Robin Sommer
461c367952 Updating submodule(s).
[nomail]
2018-07-23 18:11:37 +00:00
Robin Sommer
8233d82144 Fix some compiler warnings. 2018-07-23 18:07:15 +00:00
Johanna Amann
f3d4ba51af Add vector to read_config_cluster test.
It works now after fixing the vector-any-UnaryExpr Bro bug.
2018-07-20 13:41:44 -07:00
Johanna Amann
12add53131 Fix special-case-bug for vectors in UnaryExpr.
In some cases one can get the Type() of unaryexpr to be ANY. Vectors so
far did not deal gracefully with this and crashed because trying to
convert any to a vectortype.

This patch fixes this by just using the original vector-type in this
case.
2018-07-20 13:36:38 -07:00
Jon Siwek
385350a1f3 Make Broker congestion queue size tunable and increase default 2018-07-20 12:14:33 -05:00
Jon Siwek
6215d45f10 Improve control framework id-update/test output 2018-07-20 11:59:40 -05:00
Vern Paxson
86cd484759 documentation, test suite update 2018-07-20 08:57:37 -07:00
Johanna Amann
da58f9d4a6 Merge remote-tracking branch 'origin/master' into topic/johanna/config-cluster 2018-07-18 09:56:01 -07:00
Jon Siwek
d245513e0a Improve some netcontrol unit tests 2018-07-18 09:51:49 -05:00
Jon Siwek
bf67076cdc Improve an input framework unit test 2018-07-17 17:51:52 -05:00
Jon Siwek
1d1a63c16c Add explicit key in Travis known_hosts 2018-07-17 16:51:29 -05:00
Jon Siwek
35b778eb4e Updating submodule(s).
[nomail]
2018-07-17 14:42:52 -05:00
Jon Siwek
9caad8a042 Port broker::data variant usages to use CAF API directly
Old code still all worked, but made use of Broker functions which
now just redirect to CAF ones.
2018-07-17 14:25:21 -05:00
Vern Paxson
f4728bd603 only generate history threshold events for > 1 instance
mention those events in NEWS
2018-07-17 10:25:45 -07:00
Jon Siwek
4c072409f0 Updating submodule(s).
[nomail]
2018-07-16 16:14:18 -05:00
Jon Siwek
c09fe427a8 Improve Specific_RE_Matcher::CompileSet() error condition cleanup 2018-07-16 16:07:34 -05:00
Jon Siwek
463e540c9b Merge remote-tracking branch 'origin/topic/vern/case-insensitive-patterns'
* origin/topic/vern/case-insensitive-patterns:
  use PCRE syntax instead of the beautiful new (?i ...) syntax
  nitlet in NEWS entry
  test suite update for case-insensitive patterns
  document use of double quotes to escape case-insensitivity
  bug fix for recent memory leak patch
  documentation updates for case-insensitive patterns
  d'oh there's isalpha.  I looked earlier for isletter :-P
  fix for handling [:(lower|upper):] in case-insensitive patterns
  implemented /re/i for case-insensitive patterns
2018-07-16 16:04:38 -05:00
Jon Siwek
a45039de00 Merge remote-tracking branch 'origin/topic/vern/runtime-pattern-bifs'
* origin/topic/vern/runtime-pattern-bifs:
  de-restrict pattern-oriented BiFs to no longer require only running at init
2018-07-16 11:03:27 -05:00
Jon Siwek
36400e2d67 Updating submodule(s).
[nomail]
2018-07-16 10:12:36 -05:00
Jon Siwek
2ffaa1cdb1 Support building plugins from Bro installation root
As opposed to plugins depending on a Bro source/build tree.  This
required installing various Bro headers, BinPAC and its headers,
bifcl, and Bro's custom CMake modules.
2018-07-13 17:23:08 -05:00
Johanna Amann
5b262ceda4 Merge branch 'x509_ext_san_dns_optional' of https://github.com/liviuvalsan/bro
* 'x509_ext_san_dns_optional' of https://github.com/liviuvalsan/bro:
  Added support for making optional the extraction of DNS entries from X509 SAN as Intel::seen records.
2018-07-13 10:55:36 -07:00
Jon Siwek
7fdb184ca6 Install binpac 2018-07-13 10:12:28 -05:00
Jon Siwek
e1b7820b01 Move bifcl to a separate repo 2018-07-12 17:51:23 -05:00
Vern Paxson
187757f377 a different sort of history update 2018-07-09 13:05:50 -07:00
Vern Paxson
73349362a3 'W' for zero window implemented; logarithmic 'T'/'C'/'W' history repetitions 2018-07-09 13:05:10 -07:00
Vern Paxson
2a8ea87c9f implemented set relationals 2018-07-06 16:22:06 -07:00
Vern Paxson
e416d34f1f bug fix for set intersection 2018-07-06 13:46:06 -07:00
Jon Siwek
ad9abd4c9b BIT-1950: support PPPoE over QinQ 2018-07-06 08:04:02 -05:00
Vern Paxson
b9a5d9ccbe de-restrict pattern-oriented BiFs to no longer require only running at init 2018-07-05 10:13:20 -07:00
Jon Siwek
15d74ac081 BIT-1941: improve unit test stability
Mostly trying to standardize the way tests sleep for arbitrary amounts
of time to make it easier to tell at which particular point the
unit test actually may need the timeout interval increased (or else
debugged further).
2018-07-03 15:00:52 -05:00
Jon Siwek
df3ce608e3 Fix unstable cluster/logging test 2018-07-03 10:25:14 -05:00
Jon Siwek
a6ddc882c3 Fix unstable config framework test 2018-07-03 09:34:33 -05:00
Jon Siwek
85e46f37ca BIT-1941: teach diff-remove-timestamps about time 0 2018-07-03 09:17:09 -05:00
Liviu Valsan
acf1c591ea Added support for making optional the extraction of DNS entries from X509 SAN as Intel::seen records. 2018-07-03 15:08:21 +02:00
Jon Siwek
c9ebe725f6 BIT-1941: improve reliability of broker.disconnect unit test 2018-07-02 16:32:13 -05:00