Arne Welzel
a233788a69
Merge remote-tracking branch 'origin/topic/awelzel/ci-fedora-42'
...
* origin/topic/awelzel/ci-fedora-42:
probabilistic/BitVector: Add include <cstdint>
Bump spicy to fix build with GCC 15.1
CI: Drop fedora-40
CI: Add fedora-42
(cherry picked from commit 7583651bec
2025-05-19 09:36:28 -07:00
Johanna Amann
1610fe9eaf
Merge remote-tracking branch 'origin/topic/johanna/remove-bind-library-check'
...
* origin/topic/johanna/remove-bind-library-check:
Remove unnecessary check for bind library.
Closes GH-432t log9
(cherry picked from commit 37be65dfd0
2025-05-19 09:18:21 -07:00
Arne Welzel
94700130ed
Merge remote-tracking branch 'origin/topic/vern/zam-aggr-change-in-loop'
...
* origin/topic/vern/zam-aggr-change-in-loop:
fix for ZAM optimization when an aggregate is modified inside of a loop
(cherry picked from commit 2255fa23b8
2025-05-19 09:16:10 -07:00
Tim Wojtulewicz
c700efc3c8
Merge remote-tracking branch 'origin/topic/bbannier/bump-spicy-7.0' into release/7.0
...
* origin/topic/bbannier/bump-spicy-7.0:
Bump `auxil/spicy` to v1.11.5
2025-05-19 09:09:14 -07:00
Benjamin Bannier
1b5ac2d2e5
Bump auxil/spicy to v1.11.5
2025-05-19 14:54:59 +02:00
Tim Wojtulewicz
05da1c5a52
Updating CHANGES and VERSION.
2025-05-09 07:30:44 -07:00
Tim Wojtulewicz
5f07b3a858
Merge remote-tracking branch 'origin/topic/bbannier/bump-spicy-7.0' into release/7.0
...
* origin/topic/bbannier/bump-spicy-7.0:
Bump auxil/spicy to spicy-1.11.4
2025-05-08 14:46:40 -07:00
Benjamin Bannier
98eb2a10de
Bump auxil/spicy to spicy-1.11.4
2025-05-08 13:13:43 -07:00
Tim Wojtulewicz
c2874bf818
Update docs submodule [nomail] [skip ci]
2025-05-08 12:14:30 -07:00
Tim Wojtulewicz
83ea862c11
Update NEWS for 7.0.7 [nomail] [skip ci]
2025-05-06 13:42:21 -07:00
Tim Wojtulewicz
11cf9e99f2
Add fix to support CMake 4.0, plus update Spicy to version that supports it
2025-05-06 12:45:49 -07:00
Tim Wojtulewicz
76c94e84ac
CI: Use brew version of python3 on macOS
2025-05-06 10:57:18 -07:00
Tim Wojtulewicz
37e7b57664
Update quic baselines due to service ordering
2025-05-06 10:09:16 -07:00
Tim Wojtulewicz
c8b42fe3c7
Merge remote-tracking branch 'origin/topic/awelzel/4275-for-release-7.0' into release/7.0
...
* origin/topic/awelzel/4275-for-release-7.0:
ldap: Replace if with switch on bool
Merge remote-tracking branch 'origin/topic/awelzel/4275-ldap-gss-spnego-auth-miss'
2025-05-06 09:54:58 -07:00
Arne Welzel
bdcb1c8a44
ldap: Replace if with switch on bool
...
The change from a2a535d0c9zeek/spicy#1841 , but Zeek 7.0 does not have that functionality
yet. Replace with switch ( bool ).
2025-05-06 09:47:42 +02:00
Arne Welzel
ceb798b42a
Merge remote-tracking branch 'origin/topic/awelzel/4275-ldap-gss-spnego-auth-miss'
...
* origin/topic/awelzel/4275-ldap-gss-spnego-auth-miss:
ldap: Clean up from code review
ldap: Add Sicily Authentication constants
ldap: Only switch into MS_KRB5 mode if responseToken exists
(cherry picked from commit a2a535d0c9
2025-05-06 09:46:49 +02:00
Arne Welzel
ec18da8baa
Merge remote-tracking branch 'origin/topic/awelzel/4405-quic-fragmented-crypto'
...
* origin/topic/awelzel/4405-quic-fragmented-crypto:
Bump external/zeek-testing
QUIC: Extract reset_crypto() function
QUIC: Rename ConnectionIDInfo to Context
QUIC: Switch initial_destination_conn_id to optional
QUIC: Use initial destination conn_id for decryption
QUIC: Handle CRYPTO frames across multiple INITIAL packets
QUIC: Do not consume EncryptedLongPacketPayload
QUIC: Fix ACK frame parsing
(cherry picked from commit 50ac8d1468
2025-05-05 12:56:53 -07:00
Arne Welzel
e712461719
broker/main: Adapt enum values to agree with comm.bif
...
Logic to detect this error already existed, but due to enum identifiers
not having a value set, it never triggered before.
Should probably backport this one.
(cherry picked from commit 6bc36e8cf8
2025-05-05 12:54:42 -07:00
Tim Wojtulewicz
bc8dc65bd6
Update cmake submodule [nomail]
2025-05-05 12:16:39 -07:00
Tim Wojtulewicz
3e5060018a
Update docs submodule to fix RTD [nomail] [skip ci]
2025-03-20 13:48:45 -07:00
Tim Wojtulewicz
9f8e27118e
Update CHANGES, VERSION, and NEWS for 7.0.6 release
2025-03-20 12:24:26 -07:00
Tim Wojtulewicz
89376095dc
Update zeekctl submodule to fix a couple btests
2025-03-19 13:04:31 -07:00
Tim Wojtulewicz
3e8af6497e
Update zeekjs to v0.16.0
2025-03-19 10:43:17 -07:00
Tim Wojtulewicz
5051cce720
Updating CHANGES and VERSION.
2025-03-19 10:43:02 -07:00
Tim Wojtulewicz
c30b835a14
Update mozilla-ca-list.zeek and ct-list.zeek to NSS 3.109
2025-03-18 17:59:01 -07:00
Tim Wojtulewicz
a041080e3f
Update core/vntag-in-vlan baseline to remove ip_proto field for 7.0
2025-03-18 17:03:05 -07:00
Tim Wojtulewicz
fc3001c76a
CI: Force rebuild of tumbleweed docker image
2025-03-18 16:33:45 -07:00
Tim Wojtulewicz
e2b2c79306
Merge remote-tracking branch 'origin/topic/timw/ci-macos-upgrade-pip'
...
* origin/topic/timw/ci-macos-upgrade-pip:
CI: Unconditionally upgrade pip on macOS
(cherry picked from commit e8d91c8227
2025-03-18 16:21:45 -07:00
Tim Wojtulewicz
ed32ee73fa
Merge remote-tracking branch 'origin/topic/timw/ci-macos-sequoia'
...
* origin/topic/timw/ci-macos-sequoia:
ci/init-external-repo.sh: Use regex to match macos cirrus task
CI: Change macOS runner to Sequoia
(cherry picked from commit 43f108bb71
2025-03-18 16:21:13 -07:00
Tim Wojtulewicz
eed9858bc4
CI: Update freebsd to 13.4 and 14.2
2025-03-18 16:20:06 -07:00
Tim Wojtulewicz
ed081212ae
Merge remote-tracking branch 'origin/topic/timw/vntag-in-vlan'
...
* origin/topic/timw/vntag-in-vlan:
Add analyzer registration from VLAN to VNTAG
(cherry picked from commit cb5e3d0054
2025-03-18 16:18:13 -07:00
Arne Welzel
ec04c925a0
Merge remote-tracking branch 'origin/topic/awelzel/2311-load-plugin-bare-mode'
...
* origin/topic/awelzel/2311-load-plugin-bare-mode:
scan.l: Fix @load-plugin scripts loading
scan.l: Extract switch_to() from load_files()
ScannedFile: Allow skipping canonicalization
(cherry picked from commit a3a08fa0f3
2025-03-18 16:16:39 -07:00
Arne Welzel
de8127f3cd
Merge remote-tracking branch 'origin/topic/awelzel/4198-4201-quic-maintenance'
...
* origin/topic/awelzel/4198-4201-quic-maintenance:
QUIC/decrypt_crypto: Rename all_data to data
QUIC: Confirm before forwarding data to SSL
QUIC: Parse all QUIC packets in a UDP datagram
QUIC: Only slurp till packet end, not till &eod
(cherry picked from commit 44304973fb
2025-03-18 16:15:34 -07:00
Arne Welzel
b5774f2de9
Merge remote-tracking branch 'origin/topic/vern/ZAM-field-assign-in-op'
...
* origin/topic/vern/ZAM-field-assign-in-op:
pre-commit: Bump spicy-format to 0.23
fix for ZAM optimization of assigning a record field to result of "in" operation
(cherry picked from commit 991bc9644d
2025-03-18 16:13:01 -07:00
Tim Wojtulewicz
7c8a7680ba
Update CHANGES, VERSION, and NEWS for 7.0.5 release
2024-12-16 11:12:48 -07:00
Tim Wojtulewicz
26b50908e1
Merge remote-tracking branch 'security/topic/timw/7.0.5-patches' into release/7.0
...
* security/topic/timw/7.0.5-patches:
QUIC/decrypt_crypto: Actually check if decryption was successful
QUIC/decrypt_crypto: Limit payload_length to 10k
QUIC/decrypt_crypto: Fix decrypting into too small stack buffer
2024-12-16 10:21:59 -07:00
Arne Welzel
c2f2388f18
QUIC/decrypt_crypto: Actually check if decryption was successful
...
...and bail if it wasn't.
PCAP was produced using OSS-Fuzz input from issue 383379789.
2024-12-13 13:10:45 -07:00
Arne Welzel
d745d746bc
QUIC/decrypt_crypto: Limit payload_length to 10k
...
Given we dynamically allocate memory for decryption, employ a limit
that is unlikely to be hit, but allows for large payloads produced
by the fuzzer or jumbo frames.
2024-12-13 13:10:45 -07:00
Arne Welzel
5fbb6b4599
QUIC/decrypt_crypto: Fix decrypting into too small stack buffer
...
A QUIC initial packet larger than 1500 bytes could lead to crashes
due to the usage of a fixed size stack buffer for decryption.
Allocate the necessary memory dynamically on the heap instead.
2024-12-13 13:10:45 -07:00
Tim Wojtulewicz
7c463b5f92
Update docs submodule [nomail] [skip ci]
2024-12-13 13:08:51 -07:00
Tim Wojtulewicz
e7f694bcbb
Merge remote-tracking branch 'origin/topic/vern/ZAM-tbl-iteration-memory-mgt-fix'
...
* origin/topic/vern/ZAM-tbl-iteration-memory-mgt-fix:
fix for memory management associated with ZAM table iteration
(cherry picked from commit 805e9db588
2024-12-13 12:27:16 -07:00
Arne Welzel
f54416eae4
Merge remote-tracking branch 'origin/topic/christian/fix-zam-analyzer-name'
...
* origin/topic/christian/fix-zam-analyzer-name:
Fix ZAM's implementation of Analyzer::name() BiF
(cherry picked from commit e100a8e698
2024-12-12 13:14:10 -07:00
Arne Welzel
68bfe8d1c0
Merge remote-tracking branch 'origin/topic/vern/zam-exception-leaks'
...
* origin/topic/vern/zam-exception-leaks:
More robust memory management for ZAM execution - fixes #4052
(cherry picked from commit c3b30b187e
2024-12-12 13:05:13 -07:00
Arne Welzel
cf97ed6ac1
Merge remote-tracking branch 'origin/topic/awelzel/bump-zeekjs-0-14-0'
...
* origin/topic/awelzel/bump-zeekjs-0-14-0:
Bump zeekjs to v0.14.0
(cherry picked from commit aac640ebff
2024-12-12 12:45:14 -07:00
Benjamin Bannier
35cd891d6e
Merge remote-tracking branch 'origin/topic/bbannier/doc-have-spicy'
...
(cherry picked from commit 4a96d34af6
2024-12-12 12:43:43 -07:00
Tim Wojtulewicz
f300ddb9fe
Update CHANGES, VERSION, and NEWS for 7.0.4 release
2024-11-19 12:35:32 -07:00
Arne Welzel
fa5a7c4a5b
Merge remote-tracking branch 'origin/topic/awelzel/bump-zeekjs-0-13-2'
...
* origin/topic/awelzel/bump-zeekjs-0-13-2:
Bump zeekjs to 0.13.2
(cherry picked from commit 6e916efe8d
2024-11-19 11:19:31 -07:00
Tim Wojtulewicz
56b596a3e3
Merge remote-tracking branch 'origin/topic/timw/speed-up-zam-ci-testing'
...
* origin/topic/timw/speed-up-zam-ci-testing:
CI: Use test.sh script for running ZAM tests, but disable parts of it
(cherry picked from commit d9a74680e0
2024-11-19 10:56:28 -07:00
Tim Wojtulewicz
91067b32cc
Update docs submodule [nomail] [skip ci]
2024-11-19 09:43:20 -07:00
Arne Welzel
43ab74b70f
Merge branch 'sqli-spaces-encode-to-plus' of https://github.com/cooper-grill/zeek
...
* 'sqli-spaces-encode-to-plus' of https://github.com/cooper-grill/zeek :
account for spaces encoding to plus signs in sqli regex detection
(cherry picked from commit 5200b84fb3
2024-11-19 09:33:22 -07:00
