Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
17801 commits 387 branches 195 tags 255 MiB
Commit graph

17801 commits

This branch
This branch
All branches
Author SHA1 Message Date
Arne Welzel
db28ff04e2 Merge remote-tracking branch 'origin/topic/awelzel/javascript-separate-thread' 
* origin/topic/awelzel/javascript-separate-thread:
  btest/javascript: Add file_sniff() and file_state_remove() test
  Bump zeekjs to v0.15.0
 2025-03-10 19:42:36 +01:00
Arne Welzel
e2b65acc6d btest/javascript: Add file_sniff() and file_state_remove() test 
Using file_state_remove() or file_sniff() would previously crash with the
spicy-zip file analyzer. We don't have spicy-zip here, so it's not a
proper reproducer, but still makes sense to test these events.
 2025-03-10 19:15:06 +01:00
Arne Welzel
cf154e02dd Bump zeekjs to v0.15.0 
f5ff7c4 version: 0.15.0
    2a48143 docker/fedora: Bust cache and ensure sqlite-libs is updated
    05e5f57 Executor: Unblock SIGTERM in thread
    46496b9 Instance: Remove unsued variable
    c3b3c86 Instance: Offload JavaScript invocations to executor thread
    09e311f Introduce Executor helper

Mainly, run JavaScript on a separate thread for interoperability with
Spicy fiber stacks.

Closes #4239
 2025-03-10 19:14:45 +01:00
Tim Wojtulewicz
e8d91c8227 Merge remote-tracking branch 'origin/topic/timw/ci-macos-upgrade-pip' 
* origin/topic/timw/ci-macos-upgrade-pip:
  CI: Unconditionally upgrade pip on macOS
 2025-03-10 08:29:04 -07:00
Tim Wojtulewicz
1b260333fd CI: Unconditionally upgrade pip on macOS 2025-03-10 08:09:41 -07:00
Tim Wojtulewicz
8ed503314d Merge remote-tracking branch 'origin/topic/timw/fix-double-to-docs' 
* origin/topic/timw/fix-double-to-docs:
  Fix return types in docs for double_to_count and double_to_int
 2025-03-10 06:11:56 -07:00
Tim Wojtulewicz
036eb94dff Fix return types in docs for double_to_count and double_to_int 2025-03-10 06:10:21 -07:00
Tim Wojtulewicz
574514b04c Update bifcl submodule [nomail] 2025-03-07 12:14:20 -07:00
Evan Typanski
c8f8bbaccb Merge remote-tracking branch 'origin/topic/etyp/print-type-const' 
* origin/topic/etyp/print-type-const:
  Fix printing type constants like `double`
 2025-03-07 13:14:22 -05:00
Tim Wojtulewicz
62a3119678 Merge remote-tracking branch 'origin/topic/timw/iwyu-clang-tidy' 
* origin/topic/timw/iwyu-clang-tidy:
  Fix indentation in .clang-tidy
  Remove existing hand-written clang-tidy setup
  Add ability to enable iwyu and clang-tidy at configure time
 2025-03-07 11:02:39 -07:00
Tim Wojtulewicz
bb6b44901b Fix indentation in .clang-tidy 2025-03-07 11:00:44 -07:00
Tim Wojtulewicz
36c1a3ca4a Remove existing hand-written clang-tidy setup 2025-03-07 11:00:44 -07:00
Tim Wojtulewicz
c1dd1e991e Add ability to enable iwyu and clang-tidy at configure time 2025-03-07 11:00:44 -07:00
Evan Typanski
4237239325 Fix printing type constants like double 
Fixes #4268
 2025-03-07 11:54:04 -05:00
zeek-bot
1d1ca92662 Update doc submodule [nomail] [skip ci] 2025-03-07 00:21:23 +00:00
Tim Wojtulewicz
81f7e77801 Merge remote-tracking branch 'origin/topic/timw/4266-tunnel-ip-proto' 
* origin/topic/timw/4266-tunnel-ip-proto:
  Set ip_proto when creating new tunnel encapsulations
 2025-03-06 16:42:03 -07:00
Johanna Amann
ae62209e78 Merge remote-tracking branch 'origin/topic/johanna/coc_contributing' 
* origin/topic/johanna/coc_contributing:
  Add code of conduct and contributing to repo.
 2025-03-06 17:24:32 +00:00
Tim Wojtulewicz
479c4be08b Set ip_proto when creating new tunnel encapsulations 2025-03-06 09:25:03 -07:00
Johanna Amann
6fcd02b3a4 Merge remote-tracking branch 'origin/topic/johanna/gh-4251-discussion' 
* origin/topic/johanna/gh-4251-discussion:
  Add two protocol mismatch testcases
  Remove violating t panalyzer from services field again
 2025-03-06 13:12:51 +00:00
Johanna Amann
c161b8dffe Add code of conduct and contributing to repo. 2025-03-06 13:11:17 +00:00
zeek-bot
901903f230 Update doc submodule [nomail] [skip ci] 2025-03-06 00:14:42 +00:00
Arne Welzel
86fd9c4e0d Merge remote-tracking branch 'origin/topic/awelzel/4216-no-more-parse-time-dns-resolutions' 
* origin/topic/awelzel/4216-no-more-parse-time-dns-resolutions:
  ZAM: bif-tracking updates for blocking_lookup_hostname()
  scan.l: Deprecate DNS resolutions of hostname literals
  input/zeek-setup: Track parse_only globally
  zeek.bif: Introduce blocking_lookup_hostname()
  btest/dns_mgr: Update run-dnsmasq, use --host-record
 2025-03-05 19:24:28 +01:00
Arne Welzel
3b7bbb2651 ZAM: bif-tracking updates for blocking_lookup_hostname() 2025-03-05 19:23:08 +01:00
Arne Welzel
715c309b03 scan.l: Deprecate DNS resolutions of hostname literals 
This also skips DNS lookups when running with zeek --parse-only.

Closes #4216 #4219
 2025-03-05 19:23:08 +01:00
Arne Welzel
e14f54b474 input/zeek-setup: Track parse_only globally 
For easier access in scan.l
 2025-03-05 19:23:08 +01:00
Arne Welzel
376913b509 zeek.bif: Introduce blocking_lookup_hostname() 
As a replacement for host literal DNS resolutions.
 2025-03-05 19:22:57 +01:00
Arne Welzel
7eec3859fa btest/dns_mgr: Update run-dnsmasq, use --host-record 
Using dnsmasq --address covers an entire domain, so dns.example.com
AAAA queries would also return IPv6 addresses for example.com

Instead, this was always meant to use host entries.
 2025-03-05 12:39:15 +01:00
zeek-bot
3595f50f16 Update doc submodule [nomail] [skip ci] 2025-03-05 00:17:11 +00:00
Christian Kreibich
c2a7da0044 Update zeekctl submodule to pull in testsuite fix for metrics port 2025-03-04 12:53:17 -08:00
Tim Wojtulewicz
8f0236448b Merge remote-tracking branch 'origin/topic/timw/reformat-cpp-code-in-bison-and-flex-files' 
* origin/topic/timw/reformat-cpp-code-in-bison-and-flex-files:
  Reformat embedded C++ code in bison/flex files
 2025-03-04 09:34:06 -07:00
Tim Wojtulewicz
61cd5779f2 Reformat embedded C++ code in bison/flex files 2025-03-04 09:33:30 -07:00
Tim Wojtulewicz
a2a30f2a2b Merge remote-tracking branch 'origin/topic/timw/iptunnel-coverity-findings' 
* origin/topic/timw/iptunnel-coverity-findings:
  Fix Coverity findings from recent IPTunnel dumping changes
 2025-03-04 08:53:04 -07:00
Johanna Amann
2daf692c95 Add two protocol mismatch testcases 
These traces contain different protocols being used by originator/responder.

Traces from GH-4251
 2025-03-04 15:38:20 +00:00
Johanna Amann
b8c135d7cb Remove violating analyzer from services field again 
This reverts some of the recent DPD changes; specifically violations
trigger removal from the services field, again, by default.

Discussion in GH-4521
 2025-03-04 15:10:49 +00:00
Johanna Amann
dfa011a3ee Merge remote-tracking branch 'origin/topic/johanna/gh-4237' 
* origin/topic/johanna/gh-4237:
  RDP: cookie is optional
 2025-03-04 13:41:18 +00:00
Johanna Amann
72ea7fc06c RDP: cookie is optional 
Fixes GH-4237
 2025-03-04 13:38:01 +00:00
Arne Welzel
5cb25fd2e8 testing/external: Fix commit-hash.zeek-testing-private 
update-changes mishap :-(
 2025-03-04 14:36:02 +01:00
Arne Welzel
548a12813a Merge branch 'master' of https://github.com/markoverholser/zeek 
* 'master' of https://github.com/markoverholser/zeek:
  Update zeek.bif documentation for to_count and to_int
 2025-03-04 12:07:22 +01:00
Arne Welzel
3bec357ace Merge remote-tracking branch 'origin/topic/timw/bifs-tocount-zam-baseline' 
* origin/topic/timw/bifs-tocount-zam-baseline:
  CI: Add release-build ZAM task for baseline checks during PRs
  Fix language/assert btest baselines for to_count/to_int changes
  Update the bifs.to_count baseline for ZAM
 2025-03-04 12:06:24 +01:00
Arne Welzel
a3a08fa0f3 Merge remote-tracking branch 'origin/topic/awelzel/2311-load-plugin-bare-mode' 
* origin/topic/awelzel/2311-load-plugin-bare-mode:
  scan.l: Fix @load-plugin scripts loading
  scan.l: Extract switch_to() from load_files()
  ScannedFile: Allow skipping canonicalization
 2025-03-04 09:43:53 +01:00
Arne Welzel
ab99f8e233 scan.l: Fix @load-plugin scripts loading 
For a plugin loaded via @load-plugin, create a YY_BUFFER_STATE holding
the required loads for the implicitly loaded files. In loaded scripts,
this generated file will show up with a path of the shared object file
of the plugin with the __preload__.zeek and __load__.zeek files loaded
by it.

Closes #2311
 2025-03-04 09:35:00 +01:00
Benjamin Bannier
60bd08ca1a Merge remote-tracking branch 'origin/topic/bbannier/bump-pre-commit-hooks' [skip CI] 2025-03-04 09:13:11 +01:00
Benjamin Bannier
5d44073b94 Bump pre-commit hooks 2025-03-04 08:14:26 +01:00
Tim Wojtulewicz
19d22ad53b Fix Coverity findings from recent IPTunnel dumping changes 2025-03-03 19:14:29 -07:00
Tim Wojtulewicz
a86a9e2cc0 CI: Add release-build ZAM task for baseline checks during PRs 2025-03-03 15:51:29 -07:00
Tim Wojtulewicz
daaf3142bf Merge remote-tracking branch 'origin/topic/bbannier/cmake-format-zeek-add-analyzer' 
* origin/topic/bbannier/cmake-format-zeek-add-analyzer:
  Always break lines when formatting `spicy_add_analyzer`
  Fix formatting of `zeek_add_plugin`
 2025-03-03 10:47:14 -07:00
Benjamin Bannier
e768cee88c Always break lines when formatting spicy_add_analyzer 2025-03-03 11:24:20 +01:00
Benjamin Bannier
7c456538b4 Fix formatting of zeek_add_plugin 2025-03-03 11:23:09 +01:00
Tim Wojtulewicz
6de81160b6 Fix language/assert btest baselines for to_count/to_int changes 2025-02-28 20:21:57 -07:00
Tim Wojtulewicz
eb015801bd Update the bifs.to_count baseline for ZAM 2025-02-28 20:21:57 -07:00