Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
19614 commits 387 branches 195 tags 255 MiB
Commit graph

24 commits

Author SHA1 Message Date
Tim Wojtulewicz
8efddf87d9 SMB: Init lanman time and set TZ correctly before calling mktime 
This makes a change to the record for smb1-negotiate-response as well.
Times and dates are two 2-byte sections, not three. Switch the parsing
to just use two uint16s, and pass those into the lanman time conversion
function.
 2025-09-29 08:56:49 -07:00
Tim Wojtulewicz
0227e3a545 Fix clang-tidy modernize-use-bool-literals findings 2025-06-06 11:43:06 -07:00
Vern Paxson
245108e86e remove unnecessary casts, and change necessary ones to use static_cast<> 2021-03-18 13:24:25 -07:00
Vern Paxson
62bab66114 migration to using new differentiated methods for setting record fields 2021-02-25 16:59:26 -08:00
Tim Wojtulewicz
adcf99b25e Fix uses of bro.pac to use zeek.pac 2020-08-25 17:03:23 -07:00
Tim Wojtulewicz
86fdf0eaa9 Mark global val_mgr as deprecated and fix uses of it to use namespaced version 2020-07-02 16:15:00 -07:00
Tim Wojtulewicz
64332ca22c Move all Val classes to the zeek namespaces 2020-06-30 20:48:09 -07:00
Tim Wojtulewicz
9364e6a5b7 Move IntrusivePtr and utility methods to the zeek namespace 2020-06-30 20:19:12 -07:00
Jon Siwek
7843416e51 Use zeek::BifEvent:: for enqueue_ functions instead of BifEvent:: 2020-05-14 17:27:42 -07:00
Jon Siwek
eedeb07550 Deprecate all BroType* in BifType:: namespace 
Replaced with equivalently named IntrusivePtr in zeek::BifType::
 2020-05-14 17:25:35 -07:00
Jon Siwek
a5762c12cc Move various elements into ID.h and zeek::id namespace 
* A handful of generic/useful/common global type pointers that used
  to be in NetVar.h

* Lookup functions that used to be Var.h
 2020-05-14 17:24:20 -07:00
Jon Siwek
c0986f0739 Deprecate global type pointers in NetVar.h 
There's analogous IntrusivePtrs in zeek::vars
 2020-05-14 17:23:20 -07:00
Jon Siwek
d4dba40727 Deprecate VectorVal(VectorType*) ctora 
Adds a new one taking an IntrusivePtr.
 2020-05-14 17:23:20 -07:00
Jon Siwek
a60e5e9582 Migrate SMB analyzer to use IntrusivePtr 
Deprecates the utf16_bytestring_to_utf8_val() function with replacement
being utf16_to_utf8_val().
 2020-05-14 17:18:00 -07:00
Jon Siwek
743303950b Deprecate binpac::bytestring_to_val, replace with binpac::to_stringval 2020-04-20 14:30:49 -07:00
Jon Siwek
81517bd703 Update deprecated BifEvent::generate_* usages 2020-04-17 18:42:58 -07:00
Jon Siwek
93f4c5871b Update deprecated ValManager::GetCount usages 2020-04-16 16:46:36 -07:00
Jon Siwek
d9edd855da Update deprecated ValManager::GetBool usages 2020-04-16 16:44:33 -07:00
Jon Siwek
2982765128 Pre-allocate and re-use Vals for bool, int, count, enum and empty string 2019-01-09 18:29:23 -06:00
Robin Sommer
ad4263a98d Minor cleanup. 2016-07-07 11:55:57 -07:00
Seth Hall
91161f790c SMB test clean up and docs 2016-06-28 10:30:41 -04:00
Seth Hall
78d9e38167 Fix a small bug with scriptland data types that led to a crash. 2016-04-04 15:07:01 -04:00
Seth Hall
5b5589e167 Complete breakout of SMB, GSSAPI, and NTLM 
- Looser coupling between these analyzers.
 - New ntlm.log (still pretty early)
 - Improved string handling for NTLM (convert UTF16 to UTF8)
 - SMB2 analyzer now supports GSSAPI.
 - Improved abstraction of DCE_RPC operations (still not finished)
 - Lots of whitespace cleanup.
 2016-04-03 04:17:20 -04:00
Vlad Grigorescu
6a34de5dd8 SMB & NTLM analyzers. 2014-07-24 21:46:38 -04:00