Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
8353 commits 387 branches 195 tags 255 MiB
Commit graph

1334 commits

Author SHA1 Message Date
Jon Siwek
eb9a05cd25 GH-307: Build binpac as a shared lib, not static by default 2019-03-18 14:00:54 -07:00
Jon Siwek
f19db92508 Merge branch 'topic/christian/inputframework-paths' of https://github.com/ckreibich/zeek 
* 'topic/christian/inputframework-paths' of https://github.com/ckreibich/zeek:
  Source file path control for Input and Intel frameworks
 2019-03-18 11:48:22 -07:00
Jon Siwek
01d303b480 Migrate table-based for-loops to key-value iteration 2019-03-15 19:54:44 -07:00
Jon Siwek
03ac32adec Merge branch 'topic/dopheide/fix-ssh-geo-data' of https://github.com/dopheide-esnet/bro 
* 'topic/dopheide/fix-ssh-geo-data' of https://github.com/dopheide-esnet/bro:
  Fix geo-data to log remote_location data when auth is successful.
 2019-03-15 13:03:59 -07:00
Jon Siwek
158313875c Move NEWS file back into main repo from zeek-docs 2019-03-14 16:40:27 -07:00
Jon Siwek
a9771bc0eb Fix signed/unsigned comparison compiler warning 2019-03-14 16:24:27 -07:00
Robin Sommer
72fa3f16ad Merge remote-tracking branch 'origin/topic/jsiwek/vxlan' 
* origin/topic/jsiwek/vxlan:
  GH-250: Improve/cleanup VXLAN decapsulation support
  Initial VXLAN support, need -C flag to work when running bro
 2019-03-14 17:59:42 +00:00
Jon Siwek
389fe2bc2a Merge remote-tracking branch 'origin/topic/jazoff/datastructures-defer-init' 
* origin/topic/jazoff/datastructures-defer-init:
  Defer initialization of lists and dicts until an item is added.
 2019-03-13 17:34:10 -07:00
Jon Siwek
1239a286e2 Merge branch 'patch-1' of https://github.com/neu5ron/bro 
* 'patch-1' of https://github.com/neu5ron/bro:
  Update main.bro
  Update main.bro
 2019-03-13 13:49:17 -07:00
Robin Sommer
56da70c148 Merge remote-tracking branch 'origin/topic/jsiwek/gh-289' 
* origin/topic/jsiwek/gh-289:
  GH-289: Add options to limit entries in http.log file fields
 2019-03-13 18:23:06 +00:00
Jon Siwek
a36ac12e88 Improve DNS query queuing logic 
Related to https://github.com/zeek/zeek/pull/276
 2019-03-08 18:38:41 -08:00
Jon Siwek
011b6e10bf Merge remote-tracking branch 'origin/topic/jazoff/dns-perf' 
* origin/topic/jazoff/dns-perf:
  update baselines
  Use more efficient method to grab the protocol.
  improve performance of dns policy
 2019-03-08 16:23:30 -08:00
Jon Siwek
e2ca695c31 Merge branch 'patch-1' of https://github.com/g0nzu1/zeek 
* 'patch-1' of https://github.com/g0nzu1/zeek:
  Minor fixes Line 76 and Line
 2019-03-07 13:14:53 -08:00
Jon Siwek
628a46d8fd GH-219: revert previous change to |x| operator for interval/time 
The result of the |x| operator for interval and time types historically
returned a value of type double.  This was changed as part of
3256ac7c49 to return interval/time, but
this now reverts to returning a double again to avoid introducing a
change that may break user code.

Fixes GH-219
 2019-03-06 15:36:31 -08:00
Jon Siwek
a342090f18 Merge remote-tracking branch 'origin/topic/johanna/input-whitespace' 
* origin/topic/johanna/input-whitespace:
  Be more liberal with whitespaces for ip-addresses, subnets, etc.
 2019-02-22 14:58:43 -06:00
Jon Siwek
9345ff346a Add missing libkrb5 include dir to CMake config 2019-02-22 14:35:54 -06:00
Jon Siwek
aff3f4b3fd Skip autogenerated doc coverage test for Travis pull requests 2019-02-15 17:53:53 -06:00
Jon Siwek
8e9dc3c789 Improve format of conn_state docs 2019-02-13 16:15:13 -08:00
Jon Siwek
0790c1c559 Merge remote-tracking branch 'origin/topic/jsiwek/gh-211' 
* origin/topic/jsiwek/gh-211:
  GH-208: change invalid subnet expressions to a runtime error
  GH-211: improve consistency of how scripting errors are handled

Removed the 'allow_init_errors' option.
 2019-02-07 10:33:52 -06:00
Jon Siwek
018f687c33 Add validity checking/warnings for Broker messages 2019-02-06 13:19:00 -06:00
Jon Siwek
49a30d61cf Fix memory leak due to enum type/val circular references 
Introduced in 2982765128
 2019-01-29 18:28:13 -06:00
Johanna Amann
2e2f611df5 Merge branch 'master' of https://github.com/hosom/zeek 
* 'master' of https://github.com/hosom/zeek:
  Add fuid to SSL:Invalid_Server_Cert notice
 2019-01-29 14:52:34 -08:00
Jon Siwek
3e2c2a6140 GH-210: improve call stack tracking 
Adds tracking of arguments
 2019-01-28 14:17:04 -06:00
Jon Siwek
1b2b1b2850 Fix building with LibreSSL again 2019-01-24 17:54:18 -06:00
Johanna Amann
7465bceb7e Merge remote-tracking branch 'origin/topic/jsiwek/gh-167' 
* origin/topic/jsiwek/gh-167:
  GH-167: improve error message for unclosed function at EOF
 2019-01-24 15:22:42 -08:00
Jon Siwek
7a3ecd76b4 Merge remote-tracking branch 'origin/topic/johanna/md5-fips' 
* origin/topic/johanna/md5-fips:
  A few more updates to the digest functions.
  Tell OpenSSL that MD5 is not used for security in order to allow bro to work properly on a FIPS system

I changed a couple places that looked like memory management pitfalls:
moved some cleanup code into the dtors of HashVal derived classes
(seemed like it got stuck in ctors by accident) and also added a
cautionary cleanup in the MIME code.

Plus minor formatting changes.
 2019-01-24 17:20:06 -06:00
Johanna Amann
51cb4f5051 Merge branch 'stu-h/erspan-testing' of https://github.com/stu-h/zeek 
* 'stu-h/erspan-testing' of https://github.com/stu-h/zeek:
  Added ERSPAN III testing
 2019-01-24 12:52:29 -08:00
Johanna Amann
5f0562bb04 Merge remote-tracking branch 'origin/topic/jsiwek/gh-219' 
* origin/topic/jsiwek/gh-219:
  GH-219: fix |x| operator int overflow / floating point type inconsistency
 2019-01-23 10:05:31 -08:00
Johanna Amann
7c892ef7d4 Merge remote-tracking branch 'origin/topic/jsiwek/gh-151' 
* origin/topic/jsiwek/gh-151:
  GH-151: fix hash calculation for nested sets
 2019-01-22 09:08:14 -08:00
Johanna Amann
b9702e0f27 Updating CHANGES and VERSION. 2019-01-18 15:20:47 -08:00
Jon Siwek
5618b21cca Improve ERSPAN Type III support 
Added check for the optional sub-header in ERSPAN Type III as well
as additional truncation checks to the GRE parsing logic in general.
Also added a unit test for ERSPAN Type II.
 2019-01-17 18:06:10 -06:00
Jon Siwek
2ff746fea7 Change doc/ subdir into a git submodule 
The docs now live at https://github.com/zeek/zeek-docs
 2019-01-17 14:15:45 -06:00
Jon Siwek
0d685efbf5 Add Broker::peer_counts_as_iosource option 
Disabling this option allows one to read pcaps, but still initiate
Broker peerings and automatically exit when done processing the pcap
file.  The default behavior would normally cause Broker::peer() to
prevent shutting the process down even after done reading the pcap.
 2019-01-16 19:03:35 -06:00
Jon Siwek
5eab9b9d47 Merge branch 'patch-1' of https://github.com/fatemabw/zeek 
* 'patch-1' of https://github.com/fatemabw/zeek:
  Patch for the Revoked bit set in DNSKEY Flag
 2019-01-16 11:19:59 -06:00
Jon Siwek
39b1d49fc3 GH-170: fix segfault triggered by invalid pattern symbols 
Fixes GH-170
 2019-01-15 14:29:25 -06:00
Jon Siwek
6eee5ded61 GH-172: fix broxygen not merging bif and script identifier comments 
Fixes GH-172
 2019-01-15 12:13:32 -06:00
Jon Siwek
12f3ab303b Improve unit test for reporter shutdown order 2019-01-15 10:32:13 -06:00
Jon Siwek
2f33245b35 GH-205: prioritize use of sigaction() over sigset() 2019-01-14 16:12:38 -06:00
Jon Siwek
38cb3dbf2e GH-188: fix crash when shutting down with pending reporter errors 
This fixes some use-after-free issues in the shutdown order of
various systems: I/O, plugin, logging, and reporter systems may
interact during shutdown if there's errors emitted (or maybe just
still pending) during the shutdown.

Fixes GH-188
 2019-01-14 15:40:17 -06:00
Jon Siwek
766b1d9520 Fix compiler warning in DNS analyzer 
Switch statement compared values from different enum types
 2019-01-14 14:50:32 -06:00
Jon Siwek
399660c9eb GH-162: fix segfault when &expire_func is missing a return value 
Fixes GH-162
 2019-01-14 14:21:17 -06:00
Jon Siwek
cada0d5e6e GH-161: fix segfault in &default type checking for sets 
Fixes GH-161
 2019-01-14 14:03:15 -06:00
Jon Siwek
02783692d8 Merge branch 'topic/jazoff/expire-reuse-fix' of https://github.com/JustinAzoff/zeek 
* 'topic/jazoff/expire-reuse-fix' of https://github.com/JustinAzoff/zeek:
  Fix variable reuse in table expiration
 2019-01-14 10:28:56 -06:00
Jon Siwek
c46b018fdb Reorganize documentation index 
Moved examples and use cases into a common subdir so those topics will
get grouped together in the main sidebar/TOC
 2019-01-10 15:46:58 -06:00
Jon Siwek
b1b7027982 Merge remote-tracking branch 'origin/rtd-test' 
* origin/rtd-test:
  Disable RTD pdf format due to exceeded capacity
  Add RTD pdf format
  Add RTD yaml config file
  Remove some Bro usages in main TOC entries
  Remove "contents" Sphinx directive usages
  Add a `make livehtml` target
  Use sourcecode Sphinx directive more widely
  Use Sphinx RTD theme for user manual
  Replace some code-block Sphinx directives
  Remove unused Sphinx extensions
  Remove broxygen Sphinx integration
  Remove Sphinx btest integrations and tests
  Fix a Sphinx deprecation

These are all changes required to build documentation from a static
Sphinx tree (e.g. on Read the Docs)
 2019-01-10 14:08:40 -06:00
Johanna Amann
540fa3779d Updating CHANGES and VERSION. 2019-01-10 09:11:02 -08:00
Johanna Amann
a27ab672d9 Merge remote-tracking branch 'origin/topic/jsiwek/libressl-fixes' 
* origin/topic/jsiwek/libressl-fixes:
  GH-227: Improve LibreSSL support
 2019-01-07 10:37:52 -08:00
Jon Siwek
e0b8b4b6b1 Replace some bro.org usages with zeek.org 2019-01-04 17:51:25 -06:00
Jon Siwek
15bfdbe952 Merge branch 'master' of https://github.com/hosom/zeek 
* 'master' of https://github.com/hosom/zeek:
  Call FatalErrorWithCore instead of FatalError
  Fix syntax error
  Add fatal_error_with_core bif
 2019-01-02 11:29:18 -06:00
Jon Siwek
002191ab62 Merge remote-tracking branch 'origin/topic/jsiwek/alpine-support' 
* origin/topic/jsiwek/alpine-support:
  Add FTS dependency when building on Alpine
  Remove unnecessary header include
  Improve default DNS resolution support for Alpine/musl
  Add dns_resolver option
 2018-12-10 11:55:40 -06:00