Commit graph

16055 commits

Author SHA1 Message Date
Robin Sommer
8df0d02528 Bump documentation. 2022-07-11 12:52:12 +02:00
Robin Sommer
62e9bf5628 Merge remote-tracking branch 'origin/topic/awelzel/policy-pattern-literal-dots'
* origin/topic/awelzel/policy-pattern-literal-dots:
  policy: Use literal dots for patterns used against content-type and hostname
2022-07-11 12:51:08 +02:00
Arne Welzel
c4970e6d4a policy: Use literal dots for patterns used against content-type and hostname
The following two patterns were identified while reviewing patterns that
match on any characters. The intention likely was to match actual
literal dots.
2022-07-11 10:34:47 +02:00
Christian Kreibich
9607deeae0 Stop signal-masking upon running unit tests
It helps to be able to ctrl-c these.
2022-07-10 21:50:47 -07:00
Dominik Charousset
d3ad3c618a Avoid race conditions in broker.ssl-mismatch test 2022-07-10 15:47:43 +02:00
Christian Kreibich
9138d5c64e Pause signal-masking during script parsing
Script parsing includes reading script content from stdin, which in turn
includes interactive Zeek sessions. Keeping the signals masked there broke
ctrl-c behavior.
2022-07-09 11:19:41 -07:00
Christian Kreibich
5beb68194d Add btests to verify Zeek's handling of SIGTERM and reading stdin
The core.load-stdin test checks Zeek's ability to read scripts from stdin.
core.sigterm-regular and core.sigterm-stdin verify that SIGTERM shuts down a
Zeek process during normal operation and while reading script content from
stdin, respectively. For technical reasons we don't test with SIGINT, as ctrl-c
would trigger -- see comments for details.
2022-07-09 11:17:14 -07:00
mAsk°
ccc9d0a002 Merge branch 'zeek:master' into topic/amazingpp/table-values-and-keys 2022-07-09 21:07:49 +08:00
Benjamin Bannier
b13f8f4dd4 Fix default build with --disable-cpp-tests.
For a build configured with `--disable-cpp-tests` we globally set
`-DDOCTEST_CONFIG_DISABLE`. Spicy does not expect this define to be used
and its unit tests fail to build with it.

This patch adds a Zeek-side workaround for that. We now do not build the
Spicy unit test targets as part of `ALL` anymore.

Closes #2238.
2022-07-09 12:57:32 +02:00
Christian Kreibich
963b27f054 Add procps/procps-ng to several CI Docker images
It helps to have "ps" available for testing.
2022-07-09 00:52:44 -07:00
zeek-bot
d957f883df Update doc submodule [nomail] [skip ci] 2022-07-09 00:43:07 +00:00
Tim Wojtulewicz
c697c8e19f Merge remote-tracking branch 'origin/topic/timw/fix-broken-broker-convert-call'
* origin/topic/timw/fix-broken-broker-convert-call:
  Fix usage of broker::convert(double,timespan)
2022-07-08 10:13:12 -07:00
AmazingPP
ba552ceeaf Add table_keys function 2022-07-09 01:11:31 +08:00
Tim Wojtulewicz
a266d32dca Fix usage of broker::convert(double,timespan) 2022-07-08 09:57:12 -07:00
Tim Wojtulewicz
0728676fd6 Merge remote-tracking branch 'origin/topic/timw/avoid-extra-reallocs'
* origin/topic/timw/avoid-extra-reallocs:
  Avoid calling safe_realloc unnecessarily from ODesc::Grow()
2022-07-08 09:55:47 -07:00
Tim Wojtulewicz
c9127715c0 Avoid calling safe_realloc unnecessarily from ODesc::Grow() 2022-07-08 09:55:16 -07:00
AmazingPP
cb71b15eab Add table_values function 2022-07-09 00:19:06 +08:00
Robin Sommer
e8e6fa8fed Merge remote-tracking branch 'origin/topic/awelzel/913-plugin-debug-stream-validation'
One change: turns out that zeek-config isn't in PATH, so I prefixed it
with $BUILD.

* origin/topic/awelzel/913-plugin-debug-stream-validation:
  zeek-setup: Validate plugin debug streams during startup
2022-07-08 10:00:39 +02:00
Christian Kreibich
28b7ec2cc5 Bump broker and zeek-archiver submodules to pull in CI updates 2022-07-07 14:20:24 -07:00
Christian Kreibich
23cac286f3 Merge branch 'topic/christian/ci-update'
* topic/christian/ci-update:
  CI: add FreeBSD 13.1 and fix broken link
  CI: Add OpenSUSE Tumbleweed
  CI: drop Ubuntu 21.10, EOL 2022-07-14
  CI: drop Debian 9, EOL 2022-06-30
2022-07-07 14:14:15 -07:00
Vern Paxson
0706e8869d Fix for ZAM optimization of '?' conditional with vector-valued result 2022-07-07 13:08:28 -07:00
Vern Paxson
77ca9ae013 fix for script profiling of lambda functions 2022-07-07 11:01:54 -07:00
Arne Welzel
d703033ae6 zeek-setup: Validate plugin debug streams during startup
Providing an unknown plugin debug stream with -B was previously silently
accepted. This caused user confusion as the behavior is "no output, but
seems to work".

Check the enabled debug streams once all plugins have been loaded and
exit early on for invalid streams.

    $ ZEEK_PLUGIN_PATH=./build zeek -B plugin-zeek-myplugin -e 'print zeek_version();'
    error in <command line>, line 3: No plugin debug stream 'plugin-zeek-myplugin' found

Closes #913.
2022-07-07 17:56:19 +02:00
Robin Sommer
691b099de1 Merge remote-tracking branch 'origin/topic/awelzel/2120-logdir-leftover'
* origin/topic/awelzel/2120-logdir-leftover:
  sqlite default-logdir test: Remove ls ./logs baseline
  logging/sqlite: Recognize Log::default_logdir and place files there if set
  logging: Introduce Log::default_logdir deprecate LogAscii::logdir and per writer logdir
  logging/ascii: Fix .shadow paths when using LogAscii::logdir
2022-07-07 08:06:13 +02:00
Christian Kreibich
94ef182a97 CI: add FreeBSD 13.1 and fix broken link 2022-07-06 21:58:56 -07:00
Arne Welzel
a2bcb1bf28 sqlite default-logdir test: Remove ls ./logs baseline
Observed .sqlite-journal files and missing reporter.sqlite files
in CI runs. Subsequently reading the ./test.sqlite file is more
reliable and should be good enough.
2022-07-06 22:57:14 +02:00
Arne Welzel
93584c7c7f logging/sqlite: Recognize Log::default_logdir and place files there if set 2022-07-06 18:54:29 +02:00
Arne Welzel
aaa47a709c logging: Introduce Log::default_logdir deprecate LogAscii::logdir and per writer logdir
Also modify FormatRotationPath to keep rotated logs within
Log::default_logdir unless the rotation function explicitly
set dir, e.g. when the user redef'ed default_rotation_interval.
2022-07-06 18:54:29 +02:00
Arne Welzel
513ea7e04f logging/ascii: Fix .shadow paths when using LogAscii::logdir
With the introduction of LogAscii::logdir, log filenames can now include
parent directories rather than being plain basenames. Enabling log rotation,
leftover log rotation and setting LogAscii::logdir broke due to not
handling this situation.

This change ensures that .shadow files are placed within the directory where
the respective .log file is created. Previously, the .shadow. (or .tmp.shadow.)
prefix was simply prepended, yielding non-sensical paths such as
.tmp.shadow.foo/bar/packet_filter.log for a logdir of foo/bar.

Additionally, respect LogAscii::logdir when searching for leftover log files
rather than defaulting to the current working directory.

The following quirk exists around LogAscii::logdir, but will be addressed
in a follow-up.

* By default, logs are currently rotated into the working directory of the
  process, rather than staying confined within LogAscii::logdir. One of
  the added tests shows this behavior.
2022-07-06 13:21:21 +02:00
zeek-bot
8ba44c656a Update doc submodule [nomail] [skip ci] 2022-07-06 00:48:20 +00:00
Christian Kreibich
39f98778e4 CI: Add OpenSUSE Tumbleweed 2022-07-05 16:21:47 -07:00
Tim Wojtulewicz
cf63b55a34 Merge remote-tracking branch 'origin/topic/timw/dict-templates-redux'
* origin/topic/timw/dict-templates-redux:
  Update NEWS with breakage/deprecation notes about Dictionary changes [nomail] [skip ci]
  Remove unnecessary includes of Dict.h
  Turn PDict into a type alias
  Convert Dictionary types to be templated classes
  Fix signedness comparison warning in ssl analyzer
2022-07-05 22:19:15 +00:00
Tim Wojtulewicz
6686a849d5 Update NEWS with breakage/deprecation notes about Dictionary changes [nomail] [skip ci] 2022-07-05 21:53:18 +00:00
Christian Kreibich
2c263aa6c7 CI: drop Ubuntu 21.10, EOL 2022-07-14 2022-07-05 13:53:51 -07:00
Christian Kreibich
a2b73f3586 CI: drop Debian 9, EOL 2022-06-30 2022-07-05 13:53:36 -07:00
Tim Wojtulewicz
9f97a91d39 Remove unnecessary includes of Dict.h 2022-07-05 13:33:34 -07:00
Tim Wojtulewicz
49a1dc8a40 Turn PDict into a type alias 2022-07-05 13:33:34 -07:00
Tim Wojtulewicz
47e7fe2cd1 Convert Dictionary types to be templated classes
This has the fortunate side-effect of also making it so we can store
the value objects as typed pointers, instead of void*.
2022-07-05 13:33:34 -07:00
Tim Wojtulewicz
15c0bd9b9d Fix signedness comparison warning in ssl analyzer 2022-07-05 13:33:34 -07:00
Christian Kreibich
83fecb6b8f Merge branch 'topic/christian/management-test-tweaks'
* topic/christian/management-test-tweaks:
  Management framework: make artifact filenames Github-compatible
  Management framework: mask testsuite result
2022-07-05 09:42:42 -07:00
Johanna Amann
6e1e6fefe5 Merge remote-tracking branch 'origin/topic/johanna/2198'
* origin/topic/johanna/2198:
  SSL/GH-2211: Address review feedback, remove USE_FLIPPED
  SSL Analyzer: track connection direction by messages
2022-07-05 15:09:34 +01:00
Johanna Amann
2315d0344a SSL/GH-2211: Address review feedback, remove USE_FLIPPED
It turns out that we can just do this by using an argument.
2022-07-05 13:23:18 +01:00
Robin Sommer
a1207d61a5 Merge remote-tracking branch 'origin/topic/awelzel/add-ghc-filesystem'
* origin/topic/awelzel/add-ghc-filesystem:
  Add gulrak/filesystem to auxil, expose via zeek::filesystem
2022-07-05 10:39:41 +02:00
Christian Kreibich
bc15d7bffb Management framework: make artifact filenames Github-compatible
The upload-artifact action refuses to process certain filenames:

  "Invalid characters include: Double quote ", Colon :, Less than <,
   Greater than >, Vertical bar |, Asterisk *, Question mark ?, Carriage
   return \r, Line feed \n"

On failure, this iterates over the btest artifacts in the testsuite's .tmp
directory and renames any of these to dots.
2022-07-04 11:12:14 -07:00
Christian Kreibich
85b0381f3e Management framework: mask testsuite result
There's currently a race condition in the agent-supervisor interaction that can
cause requests to the Supervisor to get lost. This temporarily masks the
testsuite result until I've had a chance to investigate.
2022-07-04 11:09:24 -07:00
Arne Welzel
b77f5fa14c Add gulrak/filesystem to auxil, expose via zeek::filesystem
This adds https://github.com/gulrak/filesystem as a submodule into auxil
as a compiler-independent std::filesystem replacement.

The ghc::filesystem namespace is exposed as zeek::filesystem in util.h.

In the build directory, we add 3rdparty/ghc as a symlink to auxil in
order to support building from the build tree.

    <build_dir>/src/3rdparty/ghc -> /path/to/zeek/src/auxil/filesystem/include/ghc

In the installation tree, the headers are installed into include/zeek/3rdparty:

    <install_dir>/include/zeek/3rdparty/ghc

Note, this differs from how we approached rapidjson which isn't included
using a zeek/3rdparty and instead requires an additional include path of
the following form for external plugins to find and use it.

    <install_dir>/include/zeek/3rdparty/rapidjson/include/

We diverge from this approach. Placing ghc directly into 3rdparty appears
nicer and avoids changing external components (DynamicPlugin.cmake / spicyc)
2022-07-04 13:32:18 +02:00
Johanna Amann
d506806a22 Merge branch 'update' of https://github.com/leres/zeek
* 'update' of https://github.com/leres/zeek:
  Return false on error from the other place we call fstat()
  Address concerns raised by @0xxon; avoid the new code path when reading from a pipe and return false if fstat() fails after successfully opening the file (unlikely).
  Tweak some new comments
  Remove child program check, it's probably wrong given the test failures it causes
  Conform to style police
  Only set mtime and ino in Raw::OpenInput() do this for MODE_STREAM and avoid breaking MODE_REREAD
  Implement tail -F semantics for input framework MODE_STREAM Open /dev/null if the file is missing during init and wait for file to be created Collect initial ino, dev, and mtime when first opening the file Detect if the file has been replaced and open the new version
  Only set mtime and ino in Raw::OpenInput() do this for MODE_STREAM and avoid breaking MODE_REREAD
  Implement tail -F semantics for input framework MODE_STREAM Open /dev/null if the file is missing during init and wait for file to be created Collect initial ino, dev, and mtime when first opening the file Detect if the file has been replaced and open the new version
2022-07-04 10:24:34 +01:00
Tim Wojtulewicz
035c543e9f Remove loops from Dict iterator invalidation unit test
This fixes Coverity finding 1490366
2022-07-01 14:35:54 -07:00
Craig Leres
9866bf6ec5 Merge branch 'zeek:master' into update 2022-07-01 14:23:25 -07:00
Tim Wojtulewicz
ba968434e4 Merge remote-tracking branch 'origin/topic/timw/fix-RANDMAX-check'
* origin/topic/timw/fix-RANDMAX-check:
  Remove unused util::detail::rand64bit method
2022-07-01 14:11:18 -07:00