Commit graph

9059 commits

Author SHA1 Message Date
Mauro Palumbo
3e7532e760 update tests baseline 2019-06-14 14:00:33 +02:00
Mauro Palumbo
32663cec04 Apply requested changes:
- file dpd.sig and TODO comments for signature protocol detection removed
- missing doc field filled in events.bif
- rename OpCode and ReqCode fields into op_code and req_code respectively
- removed unnecessary child method in NTP.h/.cc
- main.zeek and ntp-protocol.pac reformatted
2019-06-14 12:30:29 +02:00
Tim Wojtulewicz
23f9fb0ae9 Allow assignment for vectors using slices 2019-06-13 15:37:31 -07:00
Tim Wojtulewicz
964e2c91a3 Check for integral slice indexes, add extra test for [:] 2019-06-13 13:40:07 -07:00
Jon Siwek
fcceba5ece Merge remote-tracking branch 'origin/topic/timw/asan'
* origin/topic/timw/asan:
  Fix potential null-dereference in current_time()
  Add --sanitizers flag to configure script to enable Clang sanitizers
2019-06-13 11:20:49 -07:00
Jon Siwek
3a8b83ca25 Updating submodule(s).
[nomail]
2019-06-12 16:21:07 -07:00
Jon Siwek
b33926a8e1 Merge remote-tracking branch 'origin/topic/dnthayer/gh-313'
* origin/topic/dnthayer/gh-313:
  Create local.zeek as symlink for upgrade installs
  Rename directories from bro to zeek
2019-06-12 15:11:04 -07:00
Tim Wojtulewicz
965a99a781 Fix potential null-dereference in current_time() 2019-06-12 14:46:29 -07:00
Tim Wojtulewicz
7efc39d228 Add --sanitizers flag to configure script to enable Clang sanitizers 2019-06-12 14:46:29 -07:00
Tim Wojtulewicz
f1383d98c2 Return an empty vector if the indices for slicing don't make sense 2019-06-12 14:29:11 -07:00
Tim Wojtulewicz
0af79a7a16 GH-393: Add slice notation for vectors 2019-06-12 14:20:37 -07:00
Jon Siwek
0ab1f0fe25 Updating submodule(s).
[nomail]
2019-06-12 10:34:27 -07:00
Mauro Palumbo
b130cc7931 minor changes in the documentation 2019-06-12 12:46:18 +02:00
Daniel Thayer
52b5124767 Create local.zeek as symlink for upgrade installs
Since the default install prefix has changed from /usr/local/bro
to /usr/local/zeek, the local.zeek will be created as a symlink to
the old local.bro if doing an upgrade install and if using the default
install prefix.
2019-06-12 02:49:22 -05:00
Robin Sommer
1ce5521ecc Couple of compile fixes.
This is branched from topic/johanna/remove-serializer.
2019-06-11 22:53:25 +00:00
Mauro Palumbo
6c29feb1d7 fix some initializations 2019-06-11 15:29:37 +02:00
Mauro Palumbo
1c078bed25 fix wrong assignment of control key_id/crypto_checksum 2019-06-11 15:06:38 +02:00
Mauro Palumbo
40886fe611 code clean up 2019-06-09 21:47:09 +02:00
Mauro Palumbo
af91246c03 add extension fields parsing 2019-06-09 21:25:16 +02:00
Mauro Palumbo
d0465bc45d add extended mac field with 20 byte digest (+4 byte key id) 2019-06-09 20:21:56 +02:00
Jon Siwek
5331bf10ec GH-323: change builtin plugin namespaces to Zeek 2019-06-07 20:56:54 -07:00
Jon Siwek
e0f9b0829e Adapt bro_plugin CMake macros to use zeek_plugin 2019-06-07 20:07:39 -07:00
Robin Sommer
32f30b5c71 Renaming src/StateAccess.{h,cc} to src/Notifier.{h,cc}.
The old names did not reflect the content of the files anymore.
2019-06-08 00:27:55 +00:00
Robin Sommer
6adab8d46a Clean up new code. 2019-06-08 00:24:02 +00:00
Robin Sommer
7bd738865c Remove MutableVal class. 2019-06-07 23:17:37 +00:00
Robin Sommer
062a1ee6b3 Redo API for notifiers.
There's now a notifier::Modifiable interface class that classes
supposed to signal modifications are to be derived from. This takes
the place of the former MutableValue class and also unifies how Val
and IDs signal modifications.
2019-06-07 23:17:36 +00:00
Robin Sommer
f8262b65c4 Remove most of MutableVal (but not the class itself yet) 2019-06-07 23:17:36 +00:00
Robin Sommer
0ba382280c Remove enum Opcode. 2019-06-07 23:17:36 +00:00
Robin Sommer
31ddca863c Remove StateAccess class. 2019-06-07 23:17:36 +00:00
Robin Sommer
02214dafc4 Redo NotifierRegistry to no longer rely on StateAccess.
We simplify the API to a simple Modified() operation.
2019-06-07 23:17:36 +00:00
Robin Sommer
c0c5dccd06 Add new test for when-statement watching global variables. 2019-06-07 23:17:29 +00:00
Robin Sommer
00f9341183 Couple of compile fixes.
This is branched from topic/johanna/remove-serializer.
2019-06-07 22:56:59 +00:00
Jon Siwek
05a58f90a2 Merge remote-tracking branch 'origin/topic/johanna/tls13-details'
* origin/topic/johanna/tls13-details:
  Update SSL documentation.
  support the newer TLS 1.3 key_share extension.
  Include all data of the server-hello random
  Parse pre-shared-key extension.

Added a small portability fix for the gmt_unix_time byte-swapping.
2019-06-07 14:06:11 -07:00
Zeke Medley
bd605bfc3a Stop execution on paraglob error. 2019-06-07 09:45:18 -07:00
Johanna Amann
05e519439e Merge remote-tracking branch 'origin/topic/jsiwek/gh-209-radius-attr-66'
* origin/topic/jsiwek/gh-209-radius-attr-66:
  GH-209: replace "remote_ip" field of radius.log with "tunnel_client"
2019-06-07 17:43:27 +10:00
Johanna Amann
6707328c55 Merge remote-tracking branch 'origin/master' into topic/johanna/tls13-details 2019-06-07 16:52:38 +10:00
Johanna Amann
8d96dea23f Update SSL documentation. 2019-06-07 16:48:19 +10:00
Jon Siwek
c6378c56e2 Update plugin unit tests to use --zeek-dist 2019-06-06 20:02:47 -07:00
Jon Siwek
2fa74e4bcb Change default value of peer_description "zeek" 2019-06-06 19:49:30 -07:00
Jon Siwek
be091271f7 Rename Bro to Zeek in Zeekygen-generated documentation 2019-06-06 18:52:22 -07:00
Jon Siwek
7c5e74e577 Merge branch 'master' of https://github.com/anthonykasza/zeek
* 'master' of https://github.com/anthonykasza/zeek:
  add: rdp_native_encrypted_data event

I added a unit test.
2019-06-06 17:22:49 -07:00
Jon Siwek
c193582623 Merge branch 'rdp_client_security' of https://github.com/neslog/zeek
* 'rdp_client_security' of https://github.com/neslog/zeek:
  Adding comments specific to client security data in record definition.
  Cleaning up indentations and return true.
  Adding record to init-bare
  Adding client_security_data to the analyzer.

I added a unit test.
2019-06-06 16:53:48 -07:00
Zeke Medley
145bfe50af Update paraglob submodule 2019-06-06 15:35:02 -07:00
Anthony Kasza
0b5acebfb9 add: rdp_native_encrypted_data event 2019-06-06 13:52:09 -06:00
jatkinosn
ab4becc454 Adding comments specific to client security data in record definition. 2019-06-06 15:16:47 -04:00
Jon Siwek
eef669f048 Improve sqlite logging unit tests
By using a consistent timestamp. That avoids rare chances of sqlite
output from rounding the current time into such a form that happens
to bypass the timestamp canonifier script (whenever it happened to
land on a whole or tenth second).
2019-06-06 12:06:55 -07:00
jatkinosn
326ff6f6c0 Cleaning up indentations and return true. 2019-06-06 15:05:34 -04:00
Mauro Palumbo
01ae5203e3 Merge branch 'fix-ntp-mac' into ntp-rewrite 2019-06-06 16:53:55 +02:00
Mauro Palumbo
38ad648082 update tests and add a new one for key_id and mac 2019-06-06 16:45:09 +02:00
Mauro Palumbo
2cd2c65fe3 fix auth field (key_id and mac) in standard and control msg 2019-06-06 16:38:05 +02:00