Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
17813 commits 387 branches 195 tags 255 MiB
Commit graph

17813 commits

This branch
This branch
All branches
Author SHA1 Message Date
Arne Welzel
9f768d1896 ci: Install websockets from pip for all distros 
The cluster/websocket tests were developed against websockets 14.2,
but Ubuntu and Alpine ship too old versions. Switch to installing
the latest version from pip instead, so we don't need to bother making
tests compatible with very old Python packages shipped by distributions.
 2025-03-10 17:07:30 +01:00
Arne Welzel
91eb2786be auxil/libunistd: Bump for ssize_t typedef 2025-03-10 17:07:30 +01:00
Arne Welzel
3a0216728c auxil/broker: Bump to latest master version 2025-03-10 17:07:30 +01:00
Arne Welzel
eb1f9f9a42 cluster/zeromq: Catch log_push.send() exception 2025-03-10 17:07:30 +01:00
Arne Welzel
b82dcfafa4 cluster/zeromq: Catch exceptions as const zmq::error_t& 2025-03-10 17:07:30 +01:00
Arne Welzel
8a1abfa8ef cluster/zeromq: No assert on inproc handling 
This might happen if we didn't succeed in completely sending a multipart
message and stop early.
 2025-03-10 17:07:30 +01:00
Arne Welzel
aad512c616 cluster/zeromq: Support configuring IO threads for proxy thread 2025-03-10 17:07:30 +01:00
Arne Welzel
ba7b605a97 cluster/zeromq: Move variable lookups from DoInit() to DoInitPostScript() 2025-03-10 17:07:30 +01:00
Arne Welzel
540d9da5ef cluster/zeromq: Handle EINTR at shutdown 
Read ::signal_val and early exit a DoPublish() in case termination
happened while blocked in inproc.send()
 2025-03-10 17:07:30 +01:00
Arne Welzel
94ec3af2b0 cluster/zeromq: Queue one message at a time 
Queueing multiple messages can easily overload the IO loop without
creating any backpressure.
 2025-03-10 17:07:30 +01:00
Arne Welzel
09ccb2e250 cluster/Backend: Queue a single message only 
The ZeroMQ backend would accumulate multiple messages and enqueue them
all at once. However, as this could potentially result in huge batches
of events being queued into the event loop at once, switch to a one
message at a time model. If there's too many messages queued already,
OnLoop::QueueForProcessing() will block the ZeroMQ thread until
there's room available again.
 2025-03-10 17:07:30 +01:00
Arne Welzel
827eccb732 cluster/zeromq: Adapt for OnLoopProcess changes 2025-03-10 17:07:30 +01:00
Arne Welzel
23405194a0 cluster/ThreadedBackend: Switch to OnLoopProcess 2025-03-10 17:07:30 +01:00
Arne Welzel
5dee77e6f2 cluster/OnLoop: Introduce helper template class 2025-03-10 17:07:30 +01:00
Arne Welzel
273a6ec1f3 serializer/broker: Expose to_broker_event() and to_zeek_event() 
This is useful for reuse by WebSocket clients that use
the JSON v1 encoding.
 2025-03-10 17:06:16 +01:00
Tim Wojtulewicz
e8d91c8227 Merge remote-tracking branch 'origin/topic/timw/ci-macos-upgrade-pip' 
* origin/topic/timw/ci-macos-upgrade-pip:
  CI: Unconditionally upgrade pip on macOS
 2025-03-10 08:29:04 -07:00
Tim Wojtulewicz
1b260333fd CI: Unconditionally upgrade pip on macOS 2025-03-10 08:09:41 -07:00
Tim Wojtulewicz
8ed503314d Merge remote-tracking branch 'origin/topic/timw/fix-double-to-docs' 
* origin/topic/timw/fix-double-to-docs:
  Fix return types in docs for double_to_count and double_to_int
 2025-03-10 06:11:56 -07:00
Tim Wojtulewicz
036eb94dff Fix return types in docs for double_to_count and double_to_int 2025-03-10 06:10:21 -07:00
Tim Wojtulewicz
574514b04c Update bifcl submodule [nomail] 2025-03-07 12:14:20 -07:00
Evan Typanski
c8f8bbaccb Merge remote-tracking branch 'origin/topic/etyp/print-type-const' 
* origin/topic/etyp/print-type-const:
  Fix printing type constants like `double`
 2025-03-07 13:14:22 -05:00
Tim Wojtulewicz
62a3119678 Merge remote-tracking branch 'origin/topic/timw/iwyu-clang-tidy' 
* origin/topic/timw/iwyu-clang-tidy:
  Fix indentation in .clang-tidy
  Remove existing hand-written clang-tidy setup
  Add ability to enable iwyu and clang-tidy at configure time
 2025-03-07 11:02:39 -07:00
Tim Wojtulewicz
bb6b44901b Fix indentation in .clang-tidy 2025-03-07 11:00:44 -07:00
Tim Wojtulewicz
36c1a3ca4a Remove existing hand-written clang-tidy setup 2025-03-07 11:00:44 -07:00
Tim Wojtulewicz
c1dd1e991e Add ability to enable iwyu and clang-tidy at configure time 2025-03-07 11:00:44 -07:00
Evan Typanski
4237239325 Fix printing type constants like double 
Fixes #4268
 2025-03-07 11:54:04 -05:00
zeek-bot
1d1ca92662 Update doc submodule [nomail] [skip ci] 2025-03-07 00:21:23 +00:00
Tim Wojtulewicz
81f7e77801 Merge remote-tracking branch 'origin/topic/timw/4266-tunnel-ip-proto' 
* origin/topic/timw/4266-tunnel-ip-proto:
  Set ip_proto when creating new tunnel encapsulations
 2025-03-06 16:42:03 -07:00
Johanna Amann
ae62209e78 Merge remote-tracking branch 'origin/topic/johanna/coc_contributing' 
* origin/topic/johanna/coc_contributing:
  Add code of conduct and contributing to repo.
 2025-03-06 17:24:32 +00:00
Tim Wojtulewicz
479c4be08b Set ip_proto when creating new tunnel encapsulations 2025-03-06 09:25:03 -07:00
Johanna Amann
6fcd02b3a4 Merge remote-tracking branch 'origin/topic/johanna/gh-4251-discussion' 
* origin/topic/johanna/gh-4251-discussion:
  Add two protocol mismatch testcases
  Remove violating t panalyzer from services field again
 2025-03-06 13:12:51 +00:00
Johanna Amann
c161b8dffe Add code of conduct and contributing to repo. 2025-03-06 13:11:17 +00:00
zeek-bot
901903f230 Update doc submodule [nomail] [skip ci] 2025-03-06 00:14:42 +00:00
Arne Welzel
86fd9c4e0d Merge remote-tracking branch 'origin/topic/awelzel/4216-no-more-parse-time-dns-resolutions' 
* origin/topic/awelzel/4216-no-more-parse-time-dns-resolutions:
  ZAM: bif-tracking updates for blocking_lookup_hostname()
  scan.l: Deprecate DNS resolutions of hostname literals
  input/zeek-setup: Track parse_only globally
  zeek.bif: Introduce blocking_lookup_hostname()
  btest/dns_mgr: Update run-dnsmasq, use --host-record
 2025-03-05 19:24:28 +01:00
Arne Welzel
3b7bbb2651 ZAM: bif-tracking updates for blocking_lookup_hostname() 2025-03-05 19:23:08 +01:00
Arne Welzel
715c309b03 scan.l: Deprecate DNS resolutions of hostname literals 
This also skips DNS lookups when running with zeek --parse-only.

Closes #4216 #4219
 2025-03-05 19:23:08 +01:00
Arne Welzel
e14f54b474 input/zeek-setup: Track parse_only globally 
For easier access in scan.l
 2025-03-05 19:23:08 +01:00
Arne Welzel
376913b509 zeek.bif: Introduce blocking_lookup_hostname() 
As a replacement for host literal DNS resolutions.
 2025-03-05 19:22:57 +01:00
Arne Welzel
7eec3859fa btest/dns_mgr: Update run-dnsmasq, use --host-record 
Using dnsmasq --address covers an entire domain, so dns.example.com
AAAA queries would also return IPv6 addresses for example.com

Instead, this was always meant to use host entries.
 2025-03-05 12:39:15 +01:00
zeek-bot
3595f50f16 Update doc submodule [nomail] [skip ci] 2025-03-05 00:17:11 +00:00
Christian Kreibich
c2a7da0044 Update zeekctl submodule to pull in testsuite fix for metrics port 2025-03-04 12:53:17 -08:00
Tim Wojtulewicz
8f0236448b Merge remote-tracking branch 'origin/topic/timw/reformat-cpp-code-in-bison-and-flex-files' 
* origin/topic/timw/reformat-cpp-code-in-bison-and-flex-files:
  Reformat embedded C++ code in bison/flex files
 2025-03-04 09:34:06 -07:00
Tim Wojtulewicz
61cd5779f2 Reformat embedded C++ code in bison/flex files 2025-03-04 09:33:30 -07:00
Tim Wojtulewicz
a2a30f2a2b Merge remote-tracking branch 'origin/topic/timw/iptunnel-coverity-findings' 
* origin/topic/timw/iptunnel-coverity-findings:
  Fix Coverity findings from recent IPTunnel dumping changes
 2025-03-04 08:53:04 -07:00
Johanna Amann
2daf692c95 Add two protocol mismatch testcases 
These traces contain different protocols being used by originator/responder.

Traces from GH-4251
 2025-03-04 15:38:20 +00:00
Johanna Amann
b8c135d7cb Remove violating analyzer from services field again 
This reverts some of the recent DPD changes; specifically violations
trigger removal from the services field, again, by default.

Discussion in GH-4521
 2025-03-04 15:10:49 +00:00
Johanna Amann
dfa011a3ee Merge remote-tracking branch 'origin/topic/johanna/gh-4237' 
* origin/topic/johanna/gh-4237:
  RDP: cookie is optional
 2025-03-04 13:41:18 +00:00
Johanna Amann
72ea7fc06c RDP: cookie is optional 
Fixes GH-4237
 2025-03-04 13:38:01 +00:00
Arne Welzel
5cb25fd2e8 testing/external: Fix commit-hash.zeek-testing-private 
update-changes mishap :-(
 2025-03-04 14:36:02 +01:00
Arne Welzel
548a12813a Merge branch 'master' of https://github.com/markoverholser/zeek 
* 'master' of https://github.com/markoverholser/zeek:
  Update zeek.bif documentation for to_count and to_int
 2025-03-04 12:07:22 +01:00