Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-05 08:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
7254 commits 385 branches 195 tags 258 MiB
Commit graph

2138 commits

Author SHA1 Message Date
Jon Siwek
87962a48dd Add a new attribute: &deprecated. 
While scripts are parsed, a warning is raised for each usage of an
identifier marked as &deprecated.  This also works for BIFs.

Addresses BIT-924, BIT-757.
 2015-01-21 09:40:50 -06:00
Robin Sommer
0024881f3d Merge remote-tracking branch 'origin/topic/vladg/mysql' 
* origin/topic/vladg/mysql:
  Updating MySQL with Robin's suggestions:

BIT-1285 #merged
 2015-01-14 14:21:00 -08:00
Robin Sommer
41ff1c4cd0 Merge remote-tracking branch 'origin/topic/robin/dnp3-merge-v4' 
* origin/topic/robin/dnp3-merge-v4:
  add test trace in which DNP3 packets are over UDP; update test scripts and baseline results
  A bit more DNP3 tweaking.
  remove redundnt codes; find a way to use the analyzer function, such as Weird; fix a small bug in ProcessData function in DNP3.cc; passed the test
  Renameing the DNP3 TCP analyzer
  quickly fix another bug; adding missing field of the declaration of dnp3_request_application_header and dnp3_response_application_header
  Removing the debug printf in DNP3.cc
  fixed the bug of deciding the size of object 1 varition 1 in DNP3
  Fix some things in DNP3 UDP analyzer.
  changed a bug, but still not working
  modify DNP3.cc and DNP3.h to add DNP3_UDP_Analyzer; binpac unchanged

BIT-1231 #merged
 2015-01-14 13:25:42 -08:00
Vlad Grigorescu
272916c189 Updating MySQL with Robin's suggestions: 
- Use a boolean success instead of a result string
 - Change the affected_rows response detail string to a "rows" count
 - Fix the state tracking to log incomplete commands
 2015-01-13 14:39:25 -05:00
Hui Lin
794273913f add test trace in which DNP3 packets are over UDP; update test scripts and baseline results 2015-01-07 15:04:22 -06:00
Jon Siwek
138438b88e Merge branch 'master' into topic/jsiwek/file-reassembly-merge 
Conflicts:
	testing/btest/Baseline/plugins.hooks/output
 2015-01-05 15:50:36 -06:00
Jon Siwek
1971d25a5c Fix race condition in unified2 file analyzer startup. 
Retrieval of extended alert information from sid-msg.map, gen-msg.map,
and classification.config files uses Bro's input framework, but since
the unified2 file analyzer also relies on the input framework,
coordination is needed to start analysis only after extended info has
been read at least once.
 2015-01-05 15:38:04 -06:00
Jon Siwek
a3d78cc830 Revert "Workaround race condition in unified2 file module." 
This reverts commit 1a03a95f35.
 2015-01-05 14:51:58 -06:00
Vlad Grigorescu
fa98aee0a7 Merge remote-tracking branch 'origin/master' into topic/vladg/ssh 
Conflicts:
	src/analyzer/protocol/CMakeLists.txt
	src/analyzer/protocol/ssh/Plugin.cc
	src/analyzer/protocol/ssh/SSH.h
 2014-12-27 17:22:26 -06:00
Jon Siwek
1a03a95f35 Workaround race condition in unified2 file module. 
This makes the unit test pass consistently, but need to see about
fixing it in the unified2 file module directly.
 2014-12-17 09:57:06 -06:00
Jon Siwek
cbbe7b52dc Review/fix/change file reassembly functionality. 
- Re-arrange how some fa_file fields (e.g. source, connection info, mime
  type) get updated/set for consistency.

- Add more robust mechanisms for flushing the reassembly buffer.
  The goal being to report all gaps and deliveries to file analyzers
  regardless of the state of the reassembly buffer at the time it has to
  be flushed.
 2014-12-16 14:05:15 -06:00
Jon Siwek
edaf7edc11 Merge remote-tracking branch 'origin/topic/seth/files-reassembly-and-mime-updates' into topic/jsiwek/file-reassembly-merge 
Conflicts:
	testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log
 2014-12-15 10:33:09 -06:00
Robin Sommer
665e6b00f1 Updating doc baselines. 2014-12-04 09:05:38 -08:00
Robin Sommer
bb7d94d9c5 Merge remote-tracking branch 'origin/topic/jsiwek/bit-1296' 
* origin/topic/jsiwek/bit-1296:
  Make using local IDs in @if directives an error.

BIT-1296 #merged
 2014-12-03 14:14:23 -08:00
Robin Sommer
19d9a8bfa2 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Fix some "make doc" warnings and update some doc tests
 2014-12-03 14:10:49 -08:00
Jon Siwek
cdbe459f20 Make using local IDs in @if directives an error. 
Addresses BIT-1296.
 2014-12-02 12:30:46 -06:00
Daniel Thayer
cc7286b628 Fix some "make doc" warnings and update some doc tests 2014-12-01 22:43:17 -06:00
Raúl Benencia
127a61597e Add/invoke "distclean" for testing directories. 
BIT-1292 #close
 2014-12-01 10:43:41 -06:00
Johanna Amann
cd21b7f130 Fix x509 analyzer to correctly return ecdsa as the key_type for ecdsa certs. 
Returned dsa so far.

Bug found by Michał Purzyński
 2014-11-25 11:18:07 -08:00
Gilbert Clark
7eadcad674 Merge branch 'master' into topic/gilbert/plugin-api-tweak 
Conflicts:
	testing/btest/Baseline/plugins.api-version-mismatch/output
	testing/btest/Baseline/plugins.hooks/output
	testing/btest/plugins/api-version-mismatch.sh
 2014-11-24 16:21:23 -05:00
Robin Sommer
9d3cfaddaa Merge branch 'master' of https://github.com/anthonykasza/bro 
- I've changed/extended the URI record fields a bit:
        - path is always the full path including the full file name
        - if there's no path, the field still still be set set "/".
        - file_name is the full name including extenstion, and
          file_base and file_ext split it out.

    - Adding a test exercising a bunch of URLs.
 2014-11-18 12:21:06 -08:00
Jon Siwek
f214158cc5 BIT-1288: Improve coercion of &default expressions. 2014-11-18 12:40:16 -06:00
Robin Sommer
ee14b96a15 Merge remote-tracking branch 'origin/topic/struck/BIT-1287' 
* origin/topic/struck/BIT-1287:
  [ADD] builtin function enum_to_int()

BIT-1287 #merged
 2014-11-11 13:20:40 -08:00
Christian Struck
b36d5fc81b [ADD] builtin function enum_to_int() 
[ADD] added tests for the new enum_to_int function
 2014-11-10 18:24:27 -08:00
Seth Hall
e879aa78f5 Merge remote-tracking branch 'origin/topic/seth/mime-updates' into topic/seth/files-reassembly-and-mime-updates 
Conflicts:
	scripts/base/init-bare.bro
	testing/btest/Baseline/scripts.policy.misc.dump-events/all-events-no-args.log
	testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log
 2014-11-05 11:42:34 -05:00
Seth Hall
842dfd8b4a Merge remote-tracking branch 'origin/topic/seth/files-tracking' into topic/seth/files-reassembly-and-mime-updates 
Conflicts:
	testing/btest/Baseline/scripts.base.frameworks.file-analysis.http.multipart/out
	testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log
 2014-11-05 11:40:26 -05:00
Seth Hall
efdfef7970 Merge remote-tracking branch 'origin/master' into topic/seth/mime-updates 
Conflicts:
	testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log
 2014-11-05 10:57:57 -05:00
Vlad Grigorescu
e86fc160db Merge remote-tracking branch 'origin/master' into topic/vladg/mysql 2014-10-31 21:32:19 -04:00
Robin Sommer
78de5c17ef Merge remote-tracking branch 'origin/topic/jsiwek/bit-1176' 
* origin/topic/jsiwek/bit-1176:
  Fix segfault if when statement's RHS is unitialized.

BIT-1176 #merged
 2014-10-31 16:30:49 -07:00
Robin Sommer
2e7b732c4b Merge remote-tracking branch 'origin/topic/jsiwek/bit-1280' 
* origin/topic/jsiwek/bit-1280:
  BIT-1280: Fix checking vector indices via "in".

BIT-1280 #merged.
 2014-10-31 16:28:08 -07:00
Vlad Grigorescu
743d388be8 Merge remote-tracking branch 'origin/master' into topic/vladg/mysql 2014-10-31 16:46:07 -04:00
Vlad Grigorescu
b484da1539 Update baselines. 2014-10-31 16:45:48 -04:00
Jon Siwek
2a181a88c5 Allow arbitrary when statement timeout expressions 
BIT-1284 #close
 2014-10-31 10:38:23 -05:00
Jon Siwek
1f7facda5b Fix segfault if when statement's RHS is unitialized. 
If it is ever assigned a value, the body of the when can be triggered as
usual.

Addresses BIT-1176.
 2014-10-30 12:19:25 -05:00
Jon Siwek
e5f75cde93 BIT-1280: Fix checking vector indices via "in". 
$ cat test.bro
local vec: vector of string = { "zero" };
vec[2] = "two";
print 0 in vec, 1 in vec, 2 in vec;

$ bro -b test.bro
T, F, T
 2014-10-28 14:21:16 -05:00
Vlad Grigorescu
b259a41ef2 Merge remote-tracking branch 'origin/master' into topic/vladg/mysql 
Conflicts:
	testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
	testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
	testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log
 2014-10-27 13:24:31 -04:00
Robin Sommer
087a9f975d Adding missing baseline. 2014-10-24 15:34:06 -07:00
Robin Sommer
fb56d3f0bb Fixing unstable test. 2014-10-24 13:40:00 -07:00
Robin Sommer
4216a5eb1c Merge remote-tracking branch 'origin/topic/struck/BIT-1277' 
* origin/topic/struck/BIT-1277:
  [ADD] Added the feature to return 0 content to the python http test server and added functionality for post requests
  [ADD] added baseline for the new active-http test and added a test to check for the content-length 0 fix.
  [ADD] added baseline for the new exec test and added a test to check for the empty files fix.
  [FIX] exec should write an empty string when file is empty instead of the filename
  [FIX] Add files to result table even if the files are empty

BIT-1277 #merged
 2014-10-24 11:43:09 -07:00
Robin Sommer
3e508d316a Plugins: Change order in which plugins' scripts are loaded at startup. 
We now load the top-level  __init__.bro before the internal bif.bro so
that the former can define types used by the latter.
 2014-10-23 14:22:26 -07:00
Christian Struck
d17b3746cf [ADD] added baseline for the new active-http test and added a test to check for the content-length 0 fix. 2014-10-22 16:04:04 -07:00
Christian Struck
0a59772043 [ADD] added baseline for the new exec test and added a test to check for the empty files fix. 2014-10-22 16:02:19 -07:00
Johanna Amann
624aa3cac1 Update baseline of new SSL policy script for changes 2014-10-21 11:38:02 -07:00
Johanna Amann
ba3b35a612 Merge remote-tracking branch 'origin/master' into topic/johanna/ssl-resumption 2014-10-21 11:32:46 -07:00
Jon Siwek
02c86b2304 Merge branch 'master' into topic/jsiwek/bit-1235 2014-10-14 14:45:58 -05:00
Jon Siwek
191e5da74d Documentation fixes. 
BIT-1272 #close
 2014-10-14 14:43:08 -05:00
Jon Siwek
7ef1409b40 Change find-bro-logs unit test to follow symlinks. 2014-10-09 16:02:13 -05:00
Daniel Thayer
072dad6508 Add error checks and messages to a test script 2014-10-08 10:42:35 -05:00
Robin Sommer
f4f5cfd321 Further baseline normalization for plugin test portability. 2014-10-08 08:16:31 -07:00
Seth Hall
24a809b53e Merge remote-tracking branch 'origin/master' into topic/seth/mime-updates 2014-10-08 10:04:22 -04:00