Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
17905 commits 387 branches 195 tags 255 MiB
Commit graph

17905 commits

This branch
This branch
All branches
Author SHA1 Message Date
Tim Wojtulewicz
d989d1fc0e CI: Run btests on macOS under sudo 2025-03-19 10:56:45 -07:00
Christian Kreibich
637baefd2c Merge branch 'topic/christian/is_valid_subnet' 
* topic/christian/is_valid_subnet:
  Minor typo/markup fixes in NEWS.
  Add is_valid_subnet BiF
  Add btests for has_valid_octets() and normalize_mac()
 2025-03-19 10:11:02 -07:00
Johanna Amann
7626039635 Merge remote-tracking branch 'origin/topic/johanna/ssh-server-banners-can-be-wild' 
* origin/topic/johanna/ssh-server-banners-can-be-wild:
  SSH analyzer - tiny aesthetic fixes
  SSH: make banner parsing more robust
  SSH: split banner into client/server parts
 2025-03-19 15:31:35 +00:00
Johanna Amann
19a070080f SSH analyzer - tiny aesthetic fixes 
No functional changes. Addresses feedback of GH-4289
 2025-03-19 10:38:03 +00:00
Christian Kreibich
283b140e6a Minor typo/markup fixes in NEWS. 2025-03-18 20:25:49 -07:00
Yacin Nadji
8b83c2995a Add is_valid_subnet BiF 
Also includes consistency tweak for is_valid_ip() plus test cases.
 2025-03-18 20:25:32 -07:00
Christian Kreibich
7ba9609992 Add btests for has_valid_octets() and normalize_mac() 
These functions reside in base/utils/addrs.zeek and were not tested. We don't
use has_valid_octets() anywhere right now, normalize_mac() is used in the RADIUS
analyzer, and addr_to_uri() is used in the signatures/dpd.zeek tests.
 2025-03-18 20:21:43 -07:00
zeek-bot
d7cc409fd5 Update doc submodule [nomail] [skip ci] 2025-03-19 00:36:02 +00:00
Tim Wojtulewicz
cb5e3d0054 Merge remote-tracking branch 'origin/topic/timw/vntag-in-vlan' 
* origin/topic/timw/vntag-in-vlan:
  Add analyzer registration from VLAN to VNTAG
 2025-03-18 11:52:19 -07:00
Tim Wojtulewicz
43faea880b Add analyzer registration from VLAN to VNTAG 2025-03-18 11:51:27 -07:00
Tim Wojtulewicz
d9af6d0270 Update src/3rdparty submodule [nomail] 2025-03-18 11:47:50 -07:00
Tim Wojtulewicz
e92f41e737 Updating CHANGES and VERSION. 2025-03-18 11:44:38 -07:00
Tim Wojtulewicz
75fef4b2cf Merge remote-tracking branch 'origin/topic/timw/storage-framework' 
* origin/topic/timw/storage-framework: (52 commits)
  Update docs submodule [nomail]
  Cleanup/update comments across the storage C++ files
  Split storage.bif file into events/sync/async, add more comments
  Update comments in script files, run zeek-format on all of them
  Allow sync methods to be called from when conditions, add related btest
  Redis: Handle disconnection correctly via callback
  Redis: Fix sync erase, add btest for it
  Remove default argument for callbacks, reorder function arguments
  Remove file-local expire_running variable
  Pass network time down to Expire()
  Add IN_PROGRESS return code, handle for async backends
  Store sqlite3_stmts directly instead of looking up from a map
  Reduce code duplication in storage.bif
  Add OperationResult::MakeVal, use it to reduce some code duplication
  Rearrange visibility of Backend methods, add DoPoll/DoExpire, add return comments
  Implement Storage::backend_opened and Storage::backend_lost events
  SQLite: expand expiration test
  SQLite: Handle other return values from sqlite3_step
  Redis: Fix thread-contention issues with Expire(), add more tests
  Change how redis-server is run during btests, removing redis.conf
  ...
 2025-03-18 11:43:48 -07:00
Tim Wojtulewicz
6fa2202826 Update docs submodule [nomail] 2025-03-18 10:25:14 -07:00
Tim Wojtulewicz
8bca6a8594 Cleanup/update comments across the storage C++ files 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
c7015e8250 Split storage.bif file into events/sync/async, add more comments 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
f40947f6ac Update comments in script files, run zeek-format on all of them 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
d0741c8001 Allow sync methods to be called from when conditions, add related btest 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
a40db844eb Redis: Handle disconnection correctly via callback 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
b067a6e588 Redis: Fix sync erase, add btest for it 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
e6f1eea1b7 Remove default argument for callbacks, reorder function arguments 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
605973497f Remove file-local expire_running variable 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
ebefb21c53 Pass network time down to Expire() 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
c7503654e8 Add IN_PROGRESS return code, handle for async backends 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
60aa987e06 Store sqlite3_stmts directly instead of looking up from a map 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
44c6e32ae7 Reduce code duplication in storage.bif 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
ad224d9a3b Add OperationResult::MakeVal, use it to reduce some code duplication 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
99160f8fcd Rearrange visibility of Backend methods, add DoPoll/DoExpire, add return comments 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
cc7b2dc890 Implement Storage::backend_opened and Storage::backend_lost events 2025-03-18 10:20:34 -07:00
Tim Wojtulewicz
a99a13dc4c SQLite: expand expiration test 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
ac4aef2d94 SQLite: Handle other return values from sqlite3_step 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
cca1d4f988 Redis: Fix thread-contention issues with Expire(), add more tests 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
b81e876ec8 Change how redis-server is run during btests, removing redis.conf 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
9ed3e33f97 Completely rework return values from storage operations 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
8ddda016ff Update some btests due to timing changes 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
e766af7322 Split sync/async handling into the BIF methods 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
c247de8ec3 Redis: Rework everything to only use async mode 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
40f60f26b3 Run expiration on a separate thread 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
cad48cebd4 Pass network-time-based expiration time to backends instead of an interval 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
a485b1d237 Make backend options a record, move actual options to be sub-records 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
64f3969434 Always register backend for expiration, check for open during loop 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
28951dccf1 Split sync and async into separate script-land namespaces 2025-03-18 10:20:33 -07:00
Tim Wojtulewicz
e8074c40d4 Remove Backend::SupportsAsync 2025-03-18 09:32:34 -07:00
Tim Wojtulewicz
42ad5bbf7d Add btest that uses a Redis backend in a cluster 2025-03-18 09:32:34 -07:00
Tim Wojtulewicz
f1a7376e0a Return generic result for get operations that includes error messages 2025-03-18 09:32:34 -07:00
Tim Wojtulewicz
4695060d75 Allow opening and closing backends to be async 2025-03-18 09:32:34 -07:00
Tim Wojtulewicz
ea87c773cd Redis: Support non-native expiration when reading traces 2025-03-18 09:32:34 -07:00
Tim Wojtulewicz
08bebaa426 Redis: Add btests for the redis backend 2025-03-18 09:32:34 -07:00
Tim Wojtulewicz
52d94b781a Redis: Force storage sync mode when reading pcaps, default to async mode 2025-03-18 09:32:34 -07:00
Tim Wojtulewicz
31e146b16d Redis: Add new backend 2025-03-18 09:32:34 -07:00