Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
17905 commits 387 branches 195 tags 255 MiB
Commit graph

17905 commits

This branch
This branch
All branches
Author SHA1 Message Date
Arne Welzel
94ec3af2b0 cluster/zeromq: Queue one message at a time 
Queueing multiple messages can easily overload the IO loop without
creating any backpressure.
 2025-03-10 17:07:30 +01:00
Arne Welzel
09ccb2e250 cluster/Backend: Queue a single message only 
The ZeroMQ backend would accumulate multiple messages and enqueue them
all at once. However, as this could potentially result in huge batches
of events being queued into the event loop at once, switch to a one
message at a time model. If there's too many messages queued already,
OnLoop::QueueForProcessing() will block the ZeroMQ thread until
there's room available again.
 2025-03-10 17:07:30 +01:00
Arne Welzel
827eccb732 cluster/zeromq: Adapt for OnLoopProcess changes 2025-03-10 17:07:30 +01:00
Arne Welzel
23405194a0 cluster/ThreadedBackend: Switch to OnLoopProcess 2025-03-10 17:07:30 +01:00
Arne Welzel
5dee77e6f2 cluster/OnLoop: Introduce helper template class 2025-03-10 17:07:30 +01:00
Arne Welzel
273a6ec1f3 serializer/broker: Expose to_broker_event() and to_zeek_event() 
This is useful for reuse by WebSocket clients that use
the JSON v1 encoding.
 2025-03-10 17:06:16 +01:00
Tim Wojtulewicz
e8d91c8227 Merge remote-tracking branch 'origin/topic/timw/ci-macos-upgrade-pip' 
* origin/topic/timw/ci-macos-upgrade-pip:
  CI: Unconditionally upgrade pip on macOS
 2025-03-10 08:29:04 -07:00
Tim Wojtulewicz
1b260333fd CI: Unconditionally upgrade pip on macOS 2025-03-10 08:09:41 -07:00
Tim Wojtulewicz
8ed503314d Merge remote-tracking branch 'origin/topic/timw/fix-double-to-docs' 
* origin/topic/timw/fix-double-to-docs:
  Fix return types in docs for double_to_count and double_to_int
 2025-03-10 06:11:56 -07:00
Tim Wojtulewicz
036eb94dff Fix return types in docs for double_to_count and double_to_int 2025-03-10 06:10:21 -07:00
Tim Wojtulewicz
574514b04c Update bifcl submodule [nomail] 2025-03-07 12:14:20 -07:00
Evan Typanski
c8f8bbaccb Merge remote-tracking branch 'origin/topic/etyp/print-type-const' 
* origin/topic/etyp/print-type-const:
  Fix printing type constants like `double`
 2025-03-07 13:14:22 -05:00
Tim Wojtulewicz
62a3119678 Merge remote-tracking branch 'origin/topic/timw/iwyu-clang-tidy' 
* origin/topic/timw/iwyu-clang-tidy:
  Fix indentation in .clang-tidy
  Remove existing hand-written clang-tidy setup
  Add ability to enable iwyu and clang-tidy at configure time
 2025-03-07 11:02:39 -07:00
Tim Wojtulewicz
bb6b44901b Fix indentation in .clang-tidy 2025-03-07 11:00:44 -07:00
Tim Wojtulewicz
36c1a3ca4a Remove existing hand-written clang-tidy setup 2025-03-07 11:00:44 -07:00
Tim Wojtulewicz
c1dd1e991e Add ability to enable iwyu and clang-tidy at configure time 2025-03-07 11:00:44 -07:00
Evan Typanski
4237239325 Fix printing type constants like double 
Fixes #4268
 2025-03-07 11:54:04 -05:00
zeek-bot
1d1ca92662 Update doc submodule [nomail] [skip ci] 2025-03-07 00:21:23 +00:00
Tim Wojtulewicz
81f7e77801 Merge remote-tracking branch 'origin/topic/timw/4266-tunnel-ip-proto' 
* origin/topic/timw/4266-tunnel-ip-proto:
  Set ip_proto when creating new tunnel encapsulations
 2025-03-06 16:42:03 -07:00
Johanna Amann
ae62209e78 Merge remote-tracking branch 'origin/topic/johanna/coc_contributing' 
* origin/topic/johanna/coc_contributing:
  Add code of conduct and contributing to repo.
 2025-03-06 17:24:32 +00:00
Tim Wojtulewicz
479c4be08b Set ip_proto when creating new tunnel encapsulations 2025-03-06 09:25:03 -07:00
Johanna Amann
6fcd02b3a4 Merge remote-tracking branch 'origin/topic/johanna/gh-4251-discussion' 
* origin/topic/johanna/gh-4251-discussion:
  Add two protocol mismatch testcases
  Remove violating t panalyzer from services field again
 2025-03-06 13:12:51 +00:00
Johanna Amann
c161b8dffe Add code of conduct and contributing to repo. 2025-03-06 13:11:17 +00:00
zeek-bot
901903f230 Update doc submodule [nomail] [skip ci] 2025-03-06 00:14:42 +00:00
Arne Welzel
86fd9c4e0d Merge remote-tracking branch 'origin/topic/awelzel/4216-no-more-parse-time-dns-resolutions' 
* origin/topic/awelzel/4216-no-more-parse-time-dns-resolutions:
  ZAM: bif-tracking updates for blocking_lookup_hostname()
  scan.l: Deprecate DNS resolutions of hostname literals
  input/zeek-setup: Track parse_only globally
  zeek.bif: Introduce blocking_lookup_hostname()
  btest/dns_mgr: Update run-dnsmasq, use --host-record
 2025-03-05 19:24:28 +01:00
Arne Welzel
3b7bbb2651 ZAM: bif-tracking updates for blocking_lookup_hostname() 2025-03-05 19:23:08 +01:00
Arne Welzel
715c309b03 scan.l: Deprecate DNS resolutions of hostname literals 
This also skips DNS lookups when running with zeek --parse-only.

Closes #4216 #4219
 2025-03-05 19:23:08 +01:00
Arne Welzel
e14f54b474 input/zeek-setup: Track parse_only globally 
For easier access in scan.l
 2025-03-05 19:23:08 +01:00
Arne Welzel
376913b509 zeek.bif: Introduce blocking_lookup_hostname() 
As a replacement for host literal DNS resolutions.
 2025-03-05 19:22:57 +01:00
Arne Welzel
7eec3859fa btest/dns_mgr: Update run-dnsmasq, use --host-record 
Using dnsmasq --address covers an entire domain, so dns.example.com
AAAA queries would also return IPv6 addresses for example.com

Instead, this was always meant to use host entries.
 2025-03-05 12:39:15 +01:00
zeek-bot
3595f50f16 Update doc submodule [nomail] [skip ci] 2025-03-05 00:17:11 +00:00
Christian Kreibich
c2a7da0044 Update zeekctl submodule to pull in testsuite fix for metrics port 2025-03-04 12:53:17 -08:00
Tim Wojtulewicz
8f0236448b Merge remote-tracking branch 'origin/topic/timw/reformat-cpp-code-in-bison-and-flex-files' 
* origin/topic/timw/reformat-cpp-code-in-bison-and-flex-files:
  Reformat embedded C++ code in bison/flex files
 2025-03-04 09:34:06 -07:00
Tim Wojtulewicz
61cd5779f2 Reformat embedded C++ code in bison/flex files 2025-03-04 09:33:30 -07:00
Tim Wojtulewicz
a2a30f2a2b Merge remote-tracking branch 'origin/topic/timw/iptunnel-coverity-findings' 
* origin/topic/timw/iptunnel-coverity-findings:
  Fix Coverity findings from recent IPTunnel dumping changes
 2025-03-04 08:53:04 -07:00
Johanna Amann
2daf692c95 Add two protocol mismatch testcases 
These traces contain different protocols being used by originator/responder.

Traces from GH-4251
 2025-03-04 15:38:20 +00:00
Johanna Amann
b8c135d7cb Remove violating analyzer from services field again 
This reverts some of the recent DPD changes; specifically violations
trigger removal from the services field, again, by default.

Discussion in GH-4521
 2025-03-04 15:10:49 +00:00
Johanna Amann
dfa011a3ee Merge remote-tracking branch 'origin/topic/johanna/gh-4237' 
* origin/topic/johanna/gh-4237:
  RDP: cookie is optional
 2025-03-04 13:41:18 +00:00
Johanna Amann
72ea7fc06c RDP: cookie is optional 
Fixes GH-4237
 2025-03-04 13:38:01 +00:00
Arne Welzel
5cb25fd2e8 testing/external: Fix commit-hash.zeek-testing-private 
update-changes mishap :-(
 2025-03-04 14:36:02 +01:00
Arne Welzel
548a12813a Merge branch 'master' of https://github.com/markoverholser/zeek 
* 'master' of https://github.com/markoverholser/zeek:
  Update zeek.bif documentation for to_count and to_int
 2025-03-04 12:07:22 +01:00
Arne Welzel
3bec357ace Merge remote-tracking branch 'origin/topic/timw/bifs-tocount-zam-baseline' 
* origin/topic/timw/bifs-tocount-zam-baseline:
  CI: Add release-build ZAM task for baseline checks during PRs
  Fix language/assert btest baselines for to_count/to_int changes
  Update the bifs.to_count baseline for ZAM
 2025-03-04 12:06:24 +01:00
Arne Welzel
a3a08fa0f3 Merge remote-tracking branch 'origin/topic/awelzel/2311-load-plugin-bare-mode' 
* origin/topic/awelzel/2311-load-plugin-bare-mode:
  scan.l: Fix @load-plugin scripts loading
  scan.l: Extract switch_to() from load_files()
  ScannedFile: Allow skipping canonicalization
 2025-03-04 09:43:53 +01:00
Arne Welzel
ab99f8e233 scan.l: Fix @load-plugin scripts loading 
For a plugin loaded via @load-plugin, create a YY_BUFFER_STATE holding
the required loads for the implicitly loaded files. In loaded scripts,
this generated file will show up with a path of the shared object file
of the plugin with the __preload__.zeek and __load__.zeek files loaded
by it.

Closes #2311
 2025-03-04 09:35:00 +01:00
Robin Sommer
b77faa765a
Spicy: Fix passing vectors to Zeek. 
We missed the allocator argument for the C++-side conversion
template, which let vector's of certain types not compile.

Closes #4250.
 2025-03-04 09:24:03 +01:00
Benjamin Bannier
60bd08ca1a Merge remote-tracking branch 'origin/topic/bbannier/bump-pre-commit-hooks' [skip CI] 2025-03-04 09:13:11 +01:00
Benjamin Bannier
5d44073b94 Bump pre-commit hooks 2025-03-04 08:14:26 +01:00
Tim Wojtulewicz
19d22ad53b Fix Coverity findings from recent IPTunnel dumping changes 2025-03-03 19:14:29 -07:00
Tim Wojtulewicz
a86a9e2cc0 CI: Add release-build ZAM task for baseline checks during PRs 2025-03-03 15:51:29 -07:00
Tim Wojtulewicz
daaf3142bf Merge remote-tracking branch 'origin/topic/bbannier/cmake-format-zeek-add-analyzer' 
* origin/topic/bbannier/cmake-format-zeek-add-analyzer:
  Always break lines when formatting `spicy_add_analyzer`
  Fix formatting of `zeek_add_plugin`
 2025-03-03 10:47:14 -07:00