Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 01:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
12680 commits 388 branches 195 tags 264 MiB
Commit graph

6667 commits

Author SHA1 Message Date
Jon Siwek
fcceba5ece Merge remote-tracking branch 'origin/topic/timw/asan' 
* origin/topic/timw/asan:
  Fix potential null-dereference in current_time()
  Add --sanitizers flag to configure script to enable Clang sanitizers
 2019-06-13 11:20:49 -07:00
Jon Siwek
b33926a8e1 Merge remote-tracking branch 'origin/topic/dnthayer/gh-313' 
* origin/topic/dnthayer/gh-313:
  Create local.zeek as symlink for upgrade installs
  Rename directories from bro to zeek
 2019-06-12 15:11:04 -07:00
Tim Wojtulewicz
965a99a781 Fix potential null-dereference in current_time() 2019-06-12 14:46:29 -07:00
Tim Wojtulewicz
f1383d98c2 Return an empty vector if the indices for slicing don't make sense 2019-06-12 14:29:11 -07:00
Tim Wojtulewicz
0af79a7a16 GH-393: Add slice notation for vectors 2019-06-12 14:20:37 -07:00
Robin Sommer
1ce5521ecc Couple of compile fixes. 
This is branched from topic/johanna/remove-serializer.
 2019-06-11 22:53:25 +00:00
Mauro Palumbo
6c29feb1d7 fix some initializations 2019-06-11 15:29:37 +02:00
Mauro Palumbo
1c078bed25 fix wrong assignment of control key_id/crypto_checksum 2019-06-11 15:06:38 +02:00
Mauro Palumbo
40886fe611 code clean up 2019-06-09 21:47:09 +02:00
Mauro Palumbo
af91246c03 add extension fields parsing 2019-06-09 21:25:16 +02:00
Mauro Palumbo
d0465bc45d add extended mac field with 20 byte digest (+4 byte key id) 2019-06-09 20:21:56 +02:00
Jon Siwek
5331bf10ec GH-323: change builtin plugin namespaces to Zeek 2019-06-07 20:56:54 -07:00
Jon Siwek
e0f9b0829e Adapt bro_plugin CMake macros to use zeek_plugin 2019-06-07 20:07:39 -07:00
Robin Sommer
32f30b5c71 Renaming src/StateAccess.{h,cc} to src/Notifier.{h,cc}. 
The old names did not reflect the content of the files anymore.
 2019-06-08 00:27:55 +00:00
Robin Sommer
6adab8d46a Clean up new code. 2019-06-08 00:24:02 +00:00
Robin Sommer
7bd738865c Remove MutableVal class. 2019-06-07 23:17:37 +00:00
Robin Sommer
062a1ee6b3 Redo API for notifiers. 
There's now an notifier::Modifiable interface class that class
supposed to signal modifications are to be derived from. This takes
the place of the former MutableValue class and also unifies how Val
and IDs signal modifications.
 2019-06-07 23:17:36 +00:00
Robin Sommer
f8262b65c4 Remove most of MutableVal (but not the class itelf yet) 2019-06-07 23:17:36 +00:00
Robin Sommer
0ba382280c Remove enum Opcode. 2019-06-07 23:17:36 +00:00
Robin Sommer
31ddca863c Remove StateAccess class. 2019-06-07 23:17:36 +00:00
Robin Sommer
02214dafc4 Redo NotfifierRegistry to no longer rely on StateAccess. 
We simplify the API to a simple Modified() operation.
 2019-06-07 23:17:36 +00:00
Robin Sommer
00f9341183 Couple of compile fixes. 
This is branched from topic/johanna/remove-serializer.
 2019-06-07 22:56:59 +00:00
Jon Siwek
05a58f90a2 Merge remote-tracking branch 'origin/topic/johanna/tls13-details' 
* origin/topic/johanna/tls13-details:
  Update SSL documentation.
  support the newer TLS 1.3 key_share extension.
  Include all data of the server-hello random
  Parse pre-shared-key extension.

Added a small portability fix for the gmt_unix_time byte-swapping.
 2019-06-07 14:06:11 -07:00
Zeke Medley
bd605bfc3a Stop execution on paraglob error. 2019-06-07 09:45:18 -07:00
Johanna Amann
6707328c55 Merge remote-tracking branch 'origin/master' into topic/johanna/tls13-details 2019-06-07 16:52:38 +10:00
Johanna Amann
8d96dea23f Update SSL documentation. 2019-06-07 16:48:19 +10:00
Jon Siwek
be091271f7 Rename Bro to Zeek in Zeekygen-generated documentation 2019-06-06 18:52:22 -07:00
Jon Siwek
7c5e74e577 Merge branch 'master' of https://github.com/anthonykasza/zeek 
* 'master' of https://github.com/anthonykasza/zeek:
  add: rdp_native_encrytped_data event

I added a unit test.
 2019-06-06 17:22:49 -07:00
Jon Siwek
c193582623 Merge branch 'rdp_client_security' of https://github.com/neslog/zeek 
* 'rdp_client_security' of https://github.com/neslog/zeek:
  Adding comments specific to client security data in record definition.
  Cleaning up indentations and return true.
  Adding record to init-bare
  Adding client_security_data to the analyzer.

I added a unit test.
 2019-06-06 16:53:48 -07:00
Anthony Kasza
0b5acebfb9 add: rdp_native_encrytped_data event 2019-06-06 13:52:09 -06:00
jatkinosn
326ff6f6c0 Cleaning up indentations and return true. 2019-06-06 15:05:34 -04:00
Mauro Palumbo
2cd2c65fe3 fix auth field (key_id and mac) in standard and control msg 2019-06-06 16:38:05 +02:00
jatkinosn
17512bb8db Adding record to init-bare 2019-06-06 10:06:58 -04:00
jatkinosn
b6746bc9e0 Adding client_security_data to the analyzer. 2019-06-06 09:49:24 -04:00
Jon Siwek
d3927d9266 Rename BRO_DEPRECATED macro to ZEEK_DEPRECATED 2019-06-05 16:23:43 -07:00
Jon Siwek
dfed213f31 Deprecate functions with "bro" in them. 
* "bro_is_terminating" is now "zeek_is_terminating"

* "bro_version" is now "zeek_version"

The old function names still exist for now, but are deprecated.
 2019-06-05 16:18:57 -07:00
Mauro Palumbo
df0a4b9bb7 fix key_id and digest (WIP) 2019-06-05 18:15:18 +02:00
Mauro Palumbo
2dc7695d87 fix wrong Assign with reference_id 2019-06-05 15:26:45 +02:00
Jon Siwek
80fe3d5583 Simplify threading::Value destructor 2019-06-04 19:30:21 -07:00
Jon Siwek
59596e0bfa Merge branch 'master' of https://github.com/ZekeMedley/zeek 
* 'master' of https://github.com/ZekeMedley/zeek:
  Use the right delete and improve the leak test. Increases the size of the table being loaded in the pattern leak test and uses the right delete method.
  Fix formatting.
  Fix memory leak and add test.
  Add pattern support to input framework.
 2019-06-04 19:19:19 -07:00
Jon Siwek
43104565a4 Merge remote-tracking branch 'origin/topic/timw/159-coerce-counts' 
* origin/topic/timw/159-coerce-counts:
  GHI-155: set the type of a vector based on the variable's type, not the value's type
  GH-159: Allow coercion of numeric values into other types
  Allow passing a location to BroObj::Warning and BroObj::Error.
  Add CLion directories to gitignore
  Move #define outside of max_type for clarity
 2019-06-04 17:57:15 -07:00
Tim Wojtulewicz
394aec5a72 GHI-155: set the type of a vector based on the variable's type, not the value's type 2019-06-04 14:59:17 -07:00
ZekeMedley
42b1f4fd2e Make paraglob serializable and copyable. 2019-06-04 14:56:48 -07:00
ZekeMedley
e1520a0d67 Initial paraglob integration. 2019-06-04 14:24:51 -07:00
Jon Siwek
a388f51eaa Merge remote-tracking branch 'origin/topic/robin/clone-cycles' 
* origin/topic/robin/clone-cycles:
  GH-293: Protect copy() against reference cycles.
 2019-06-04 10:31:01 -07:00
Tim Wojtulewicz
76fe643c87 GH-159: Allow coercion of numeric values into other types 2019-06-04 10:08:41 -07:00
Mauro Palumbo
75b7be302f fix problem with time vals 2019-06-04 17:10:57 +02:00
Mauro Palumbo
c8f4d68185 update ntp analyzer to val_mgr 2019-06-04 12:22:37 +02:00
Palumbo Mauro
411908a102 extend and refactor several fields 2019-06-03 17:46:22 +02:00
Palumbo Mauro
19fd5f66e8 refactor mode 7 2019-06-03 17:26:46 +02:00