Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-17 05:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
11933 commits 387 branches 198 tags 286 MiB
Commit graph

11933 commits

This branch
This branch
All branches
Author SHA1 Message Date
Christian Kreibich
c01de193b5 Bump Highwayhash submodule to pull in fix for FreeBSD 2021-06-09 16:25:56 -07:00
Tim Wojtulewicz
d234b56ea3 Change the port used on the benchmark host, per request by Cirrus 2021-06-09 12:19:49 -07:00
Tim Wojtulewicz
c621af1e2b Merge remote-tracking branch 'origin/topic/timw/fix-big-sur-build' 
* origin/topic/timw/fix-big-sur-build:
  Fix macOS Big Sur builds on Cirrus
 2021-06-09 09:12:41 -07:00
Tim Wojtulewicz
d62e966234 Fix macOS Big Sur builds on Cirrus 
- Upgrade the Big Sur VM to use the Xcode 12.5 version. This has a newer
  version of brew installed on it that fixes an issue with an EOL package host
  that finally shut down for good recently.
- Use 'brew upgrade' for openssl and cmake, since those are both present on the
  base VM. This prevents 'brew install' from printing an error if the package
  exists but is out of date.
 2021-06-09 09:11:37 -07:00
Christian Kreibich
289db80270 Merge branch 'topic/johanna/opensuseleap15.3' 
* topic/johanna/opensuseleap15.3:
  Add OpenSUSE Leap 15.3 to testing
 2021-06-08 13:55:50 -07:00
Johanna Amannn
aed17a1aaf Add OpenSUSE Leap 15.3 to testing 
It was released a few days ago.
 2021-06-08 10:47:11 +01:00
zeek-bot
b32a75aa17 Update doc submodule [nomail] [skip ci] 2021-06-08 00:45:28 +00:00
Tim Wojtulewicz
c3dc672657 Update submodule(s) [nomail] 2021-06-07 09:24:47 -07:00
Robin Sommer
ca106457c2 Update btest submodule and add .cache to .gitignore. 
[nomail]
 2021-06-07 09:42:59 +02:00
Robin Sommer
ba0a4fe9cf Merge remote-tracking branch 'origin/topic/neverlord/coverity' 
* origin/topic/neverlord/coverity:
  Improve assignment operators for IntrusivePtr
 2021-06-07 09:39:06 +02:00
Robin Sommer
494421b302 Merge branch 'proc-stats-mem-is-bytes' of ssh://github.com/awelzel/zeek 
* 'proc-stats-mem-is-bytes' of ssh://github.com/awelzel/zeek:
  init-bare/ProcStats: mem is in bytes, not KB.
 2021-06-07 09:13:13 +02:00
Dominik Charousset
2f19c89189 Improve assignment operators for IntrusivePtr 
Fixes Coverity finding 1367523 (Missing move assignment operator).
 2021-06-06 15:34:24 +02:00
Arne Welzel
4327c5a022 init-bare/ProcStats: mem is in bytes, not KB. 
zeek::util::get_memory_usage() does `r.ru_maxrss * 1024` and the
task_info() seems to return bytes in `resident_size`.
 2021-06-05 21:25:27 +02:00
Tim Wojtulewicz
9fbbcaad8f Merge remote-tracking branch 'origin/topic/timw/analyzer-deprecations' 
* origin/topic/timw/analyzer-deprecations:
  Add deprecated headers for UDP and ICMP analyzers
 2021-06-04 08:29:43 -07:00
Tim Wojtulewicz
d15fca7e17 Merge remote-tracking branch 'origin/topic/timw/fix-ip-header-length-checking' 
* origin/topic/timw/fix-ip-header-length-checking:
  Fix handling of IP packets with bogus IP header lengths
 2021-06-04 08:28:57 -07:00
Tim Wojtulewicz
3dac5ed809 Merge remote-tracking branch 'origin/topic/christian/gh-1572' 
* origin/topic/christian/gh-1572:
  Make update-traces fail when the curl invocation fails
 2021-06-03 09:28:11 -07:00
Christian Kreibich
c96a177d88 Make update-traces fail when the curl invocation fails 2021-06-02 19:12:46 -07:00
zeek-bot
41b077d2cf Update doc submodule [nomail] [skip ci] 2021-06-03 00:50:48 +00:00
Tim Wojtulewicz
cdc62efa73 Add deprecated headers for UDP and ICMP analyzers 2021-06-02 15:52:10 -07:00
Christian Kreibich
cd8beb173a Merge branch 'topic/christian/ci-freebsd-13' 
* topic/christian/ci-freebsd-13:
  Add FreeBSD 13 to CI
 2021-06-02 15:10:14 -07:00
Christian Kreibich
246387c465 Merge branch 'topic/christian/ci-fedora-34' 
* topic/christian/ci-fedora-34:
  Add Fedora 34 to CI
 2021-06-02 15:07:40 -07:00
Tim Wojtulewicz
079ac1654f Merge remote-tracking branch 'origin/topic/timw/1114-tcp-analyzer' 
* origin/topic/timw/1114-tcp-analyzer:
  Update NEWS [skip ci]
  Label session adapters in the output of zeek -NN
  Split session adapter code into separate files from the analyzers
  Move adapter-specific code back into the adapter
  Move ICMP counterpart methods outside of ICMPAnalyzer class
  Remove obsolete Skipping()/SetSkip() from Connection
  Remove some code from IPBasedAnalyzer and children that was waiting for TCP to be implemented
  Move TCPStateStats object out of session_mgr
  Move analyzer-to-port mapping out of analyzer::Manager into packet analyzers
  Move packet parsing code out of adapter into analyzer
  Move old TCP analyzer into analyzer adapter in packet analysis tree
 2021-06-02 13:22:45 -07:00
Tim Wojtulewicz
d7848229ea Update NEWS [skip ci] 2021-06-02 13:20:59 -07:00
Tim Wojtulewicz
1f94b8f250 Label session adapters in the output of zeek -NN 2021-06-02 13:20:11 -07:00
Tim Wojtulewicz
5433f2936e Split session adapter code into separate files from the analyzers 2021-06-02 13:20:10 -07:00
Tim Wojtulewicz
b6ab22e9fb Move adapter-specific code back into the adapter 2021-06-02 13:20:10 -07:00
Tim Wojtulewicz
1eed8b7f67 Move ICMP counterpart methods outside of ICMPAnalyzer class 
These were previously global methods in the old analyzer, and moving them
to be private members of ICMPAnalyzer broke the usage of them by at least
one external plugin.
 2021-06-02 13:20:10 -07:00
Tim Wojtulewicz
12d768d0d8 Remove obsolete Skipping()/SetSkip() from Connection 2021-06-02 13:20:10 -07:00
Tim Wojtulewicz
08fb5d76ee Remove some code from IPBasedAnalyzer and children that was waiting for TCP to be implemented 2021-06-02 13:20:10 -07:00
Tim Wojtulewicz
4114bbebf0 Move TCPStateStats object out of session_mgr 2021-06-02 13:20:10 -07:00
Tim Wojtulewicz
9e1f6f95aa Move analyzer-to-port mapping out of analyzer::Manager into packet analyzers 2021-06-02 13:20:10 -07:00
Tim Wojtulewicz
d6c74373c7 Move packet parsing code out of adapter into analyzer 2021-06-02 13:20:10 -07:00
Tim Wojtulewicz
f6e31107e1 Move old TCP analyzer into analyzer adapter in packet analysis tree 2021-06-02 13:20:10 -07:00
Tim Wojtulewicz
b171f94729 Merge remote-tracking branch 'zeek-security/topic/timw/mobile-ipv6-overflow' 
* zeek-security/topic/timw/mobile-ipv6-overflow:
  Add some extra length checking when parsing mobile ipv6 packets
 2021-06-02 10:02:59 -07:00
Christian Kreibich
57c0a2a445 Add FreeBSD 13 to CI 2021-06-02 09:46:48 -07:00
Christian Kreibich
c9e91ada8c Add Fedora 34 to CI 2021-06-02 09:46:27 -07:00
Tim Wojtulewicz
9a6959d633 Merge remote-tracking branch 'origin/topic/jsiwek/improve-netbios-toupper' 
* origin/topic/jsiwek/improve-netbios-toupper:
  Replace toupper() usages in netbios decoding BIFs
 2021-06-01 19:12:09 -07:00
zeek-bot
1bbe5427da Update doc submodule [nomail] [skip ci] 2021-06-02 00:50:53 +00:00
Tim Wojtulewicz
ff79a58f59 Merge remote-tracking branch 'origin/topic/neverlord/telemetry-scraper' 
* origin/topic/neverlord/telemetry-scraper:
  Integrate review feedback
  Sync new broker options, fix name inconsistencies
  Integrate new Broker metric exporter parameters
 2021-06-01 10:19:46 -07:00
Tim Wojtulewicz
ca4d0321f1 Merge remote-tracking branch 'sigkillchris/sigkillchris-patch-1' 
* sigkillchris/sigkillchris-patch-1:
  Update detect-MHR.zeek
 2021-06-01 09:52:17 -07:00
Tim Wojtulewicz
7393e13d67 Merge remote-tracking branch 'origin/topic/jsiwek/gh-839-fix-optional-subrecord-table-indices' 
* origin/topic/jsiwek/gh-839-fix-optional-subrecord-table-indices:
  GH-839: Fix use of &optional sub-records within table/set indices
 2021-06-01 09:39:54 -07:00
Chris C
ada482c0e3
Update detect-MHR.zeek 
Update Virustotal URL to current
option match_sub_url = "https://www.virustotal.com/gui/search/%s";
 2021-05-28 14:46:19 -05:00
Tim Wojtulewicz
0e34f2e02f Fix handling of IP packets with bogus IP header lengths 
Credit to OSS-Fuzz for discovery
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34711
(Link to details becomes public 30 days after patch release)
 2021-05-27 16:33:50 -07:00
Jon Siwek
f861a194f9 Update submodule(s) [nomail] [skip ci] 2021-05-27 13:53:38 -07:00
Jon Siwek
77f1ede661 GH-839: Fix use of &optional sub-records within table/set indices 2021-05-26 13:28:13 -07:00
Tim Wojtulewicz
5f57daf9d1 Ensure SessionAdapter members are initialized 
Fixes Coverity #1453273
 2021-05-26 10:53:08 -07:00
Robin Sommer
815b8cbcc9 Merge remote-tracking branch 'origin/topic/robin/file-api-extension' 
* origin/topic/robin/file-api-extension:
  Extend the file analyzer API to set source manually.
 2021-05-26 08:08:09 +02:00
Dominik Charousset
44ca01eb18 Merge branch master into topic/neverlord/telemetry-scraper 2021-05-26 08:06:13 +02:00
Dominik Charousset
3f4b340abb Integrate review feedback 2021-05-26 08:05:14 +02:00
Dominik Charousset
7767c3d36c Sync new broker options, fix name inconsistencies 2021-05-25 17:22:45 +02:00