This repository has been archived by the owner on Apr 1, 2024. It is now read-only.

Zeek v3.2.0-dev-551-gfda8b98ac for macOS, Linux, and Windows #26

Merged
merged 1,163 commits into from
May 26, 2020

Conversation

nwt (Member) commented May 22, 2020

  1. Update Zeek to v3.2.0-dev-551-gfda8b98ac.
  2. Make it build with MinGW tools. The resulting Windows executable is missing a lot of functionality but can process pcaps.
  3. Update zeekrunner.go for MinGW Zeek.
  4. Add a Windows artifact to Brim releases.
  5. Advance the macOS deployment target to 10.14 (from 10.10) for the sake of a C++ feature I can't recall.
  6. Run the Brim GitHub workflow (renamed to brim.yml from brim-release.yml) for PRs, master, and release tags, and upload the artifacts.

This should close #10, #14, and #24.

jsiwek and others added 30 commits March 26, 2020 12:18
There was an alternate syntax to assign anonymous functions to record
fields that was never migrated to use the new lambda expression
machinery (and so didn't allow referencing variables in outer scope):

    type myrec: record {
        foo: function(a: string);
    };

    local o = "o";
    local mr = myrec($foo(a: string) = { print a + o; });
…eak-cleanup'

* origin/topic/jsiwek/runtime-exception-leak-cleanup:
  Func::DescribeDebug: move a NumFields() call out of loop
  Use const-ref parameter for zeek::val_list_to_args()
  Fix missing IntrusivePtr.h include and ambiguous ODesc::Add call
  Remove TimerMgr arg from event queuing/scheduling methods
  Deprecate Analyzer::ConnectionEvent()
  Deprecate file_analysis::File::FileEvent methods using val_list args
  Deprecate Connection::ConnectionEvent methods
  Deprecate EventMgr::QueueEventFast() and update usages to Enqueue()
  Deprecate EventMgr::QueueEvent() and update usages to Enqueue()
  Deprecate Func::Call(val_list*, ...)
  Use vector<IntrusivePtr<Val>> for Func::Call and Event queuing args
  Fix memory leak in Zeek when-statement bodies with runtime errors
  Change TableVal::RecoverIndex() to return IntrusivePtr
  Use IntrusivePtr in TableVal::CallExpireFunc
  Fix memory leak when runtime error occurs in a Zeek for-loop
  Enable leak checks for btests that produce runtime exceptions
This changes the decapsulation logic for GRE/ERSPAN payloads to re-use
existing Layer 2 parsing logic that already handles things like 802.1Q
tags correctly before going on to process the inner IPv4/IPv6 payload.
* origin/topic/jsiwek/rocksdb-opt-in:
  zeekGH-878: Make RocksDB usage opt-in and add --enable-rocksdb configure flag

Fixes zeekGH-878
* origin/topic/jsiwek/tcp-hdr-reserved-bits:
  Add a "reserved" field to tcp_hdr record
* origin/topic/timw/remove-cq:
  Remove unused cq queue code.
* origin/topic/timw/expr-cleanup:
  Don't use xor operator for boolean operations
  Fix whitespace issues
  Fix a variable-name-shadowing issue
  Don't allocate a value during a loop if avoidable
  Fix type narrowing on a couple of subtractions
  Fold multiple if cases with the same return value into a single return
  Fold a number of allocations into the if statement where they're used
  Remove unused ListExpr::AllConst method
  Constify a couple of method arguments
  Mark RuntimeError methods in Reporter as noreturn since they throw exceptions
…erspan-dot1q'

* origin/topic/jsiwek/zeekgh-887-fix-gre-erspan-dot1q:
  zeekGH-887: improve GRE/ERSPAN parsing of non-IPv4/IPv6 inner payload
  Fix ERSPAN III optional sub-header parsing
A large number of functions had return values and/or arguments changed
to use ``bool`` types instead of ``int``.
(Squashed this one before merge).

* topic/timw/the-great-embooleanating:
  The Great Embooleanating
* origin/topic/timw/override:
  Mark input/output message classes as final, since nothing should be inheriting from them
  Add missing override specifier to a number of methods, remove virtual from some as well
  Add override specifier to Configure() method in almost all of the internal plugins
* origin/topic/jsiwek/misc-lambda-fixes:
  zeekGH-725: fix logic for finding a lambda's usage of outer IDs
  Change record field anonymous functions to use lambda expressions
The alternates must be some subset of the canonical prototype (the one
that's first declared) and allows users to define handlers for any
such prototype.  Example:

    # Prototype declarations
    global my_event: event(s: string, c: count);
    global my_event: event(c: count);
    global my_event: event();

    # Handler definitions
    event my_event(s: string, c: count) { print s, c; }
    event my_event(c: count) { print c; }
    event my_event() { }

This allows handlers to consume a subset of the arguments or even
re-order them.  This makes it easier to either extend an existing
event/hook's arguments and/or deprecate usages of certain prototypes.
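As an added illustration (not part of any commit in this PR, nor of Zeek's own test suite), the script below exercises the two language changes described in the commit messages above in one file: a record-field anonymous function that captures a variable from the enclosing scope, and an event declared with a canonical prototype plus two alternates, each with its own handler. The type and event names `myrec`, `my_event`, `foo` come from the commit messages; `zeek_init` is Zeek's standard startup event. Raising `my_event` once dispatches to all three handlers, which is what lets a script author add or drop arguments without breaking existing handlers.

```zeek
# Added example; names come from the commit messages in this PR.

type myrec: record {
	# Field holding an anonymous function. After the lambda change its body
	# may refer to variables of the scope where the record value is built.
	foo: function(a: string);
};

# Canonical prototype is declared first; the alternates take a subset of
# its arguments (here: drop `s`, then drop everything).
global my_event: event(s: string, c: count);
global my_event: event(c: count);
global my_event: event();

# One handler per prototype. Every handler runs when my_event is raised,
# each receiving only the arguments its prototype names.
event my_event(s: string, c: count)
	{
	print fmt("canonical prototype: s=%s c=%d", s, c);
	}

event my_event(c: count)
	{
	print fmt("subset prototype: c=%d", c);
	}

event my_event()
	{
	print "empty prototype";
	}

event zeek_init()
	{
	local o = "o";
	# The anonymous function captures the outer-scope variable `o`.
	local mr = myrec($foo(a: string) = { print a + o; });
	mr$foo("hell");

	# Raise the event once; all three handlers above are invoked.
	event my_event("conn", 3);
	}
```

Run it with `zeek example.zeek` (no pcap needed, since everything happens in `zeek_init`). Declaring the canonical prototype first matters: an alternate that names an argument not present in the canonical prototype is rejected at parse time.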
* origin/topic/timw/the-missing-bools:
  Fix uses of GetBool in bifs to use GetTrue/GetFalse
  Change Sessions::dump_this_packet to a bool
JustinAzoff and others added 13 commits May 15, 2020 15:59
Remove unused #includes

Co-authored-by: Tim Wojtulewicz <tim@corelight.com>
Use a constant timestamp for packets

Co-authored-by: Jon Siwek <jsiwek@corelight.com>
…et-build'

* origin/topic/jsiwek/fix-macos-fuzz-target-build:
  Fix building fuzz targets on macOS
* origin/topic/jazoff/packet-fuzzer:
  Update src/fuzzers/packet-fuzzer.cc
  Update src/fuzzers/packet-fuzzer.cc
  add initial packet corpus
  add packet fuzzer
* origin/topic/neverlord/caf-0.18:
  Upgrade to latest Broker changes for CAF 0.18
MinGW tools can't handle aux because it's a reserved file name in the
Win32 namespace.

Revert this after the aux directory is renamed upstream.
@nwt nwt requested a review from a team May 22, 2020 23:40
@nwt nwt force-pushed the windows branch 2 times, most recently from 5a9b7cf to 34f2a99 Compare May 23, 2020 00:17
henridf commented May 23, 2020

Update Zeek to v3.2.0-dev-551-gfda8b98ac.

Is it possible to add these commits on a separate PR? Also, what does v3.2.0-dev-551-gfda8b98ac refer to? I see the v3.2.0-dev branch in upstream, but no commit gfda8b98ac or reference to "551".

nwt (Member, Author) commented May 23, 2020

@henridf: v3.2.0-dev-551-gfda8b98ac is "git describe" output for fda8b98, which is 551 commits past tag v3.2.0-dev. (That was zeek/zeek@master at the time I started merging this branch into brimsec/zeek@master).

Should I simply push the merge commit (c62b418) to master so this PR shrinks to the last six commits? Or would you like to see a PR with the merge commit plus minimal necessary changes to brim/ and .github/workflows/brim-release.yml (which I don't have on hand but could prepare)? Or something else?

henridf commented May 25, 2020

Should I simply push the merge commit (c62b418) to master so this PR shrinks to the last six commits?

Hmm. I guess that (assuming this PR isn't squashed upon merging), then the resulting history in master would be the same if you push that merge commit vs doing everything here.

Or would you like to see a PR with the merge commit plus minimal necessary changes to brim/ and .github/workflows/brim-release.yml (which I don't have on hand but could prepare)?

This doesn't seem indispensable to me, and it's extra work, so I'd say not worth it.

Overall my concern was just about future readability and maintenance, but after some more thought I think this approach (with an unsquashed merge) is good.

(Also I was anticipating the "how do we maintain these changes on top of zeek over time", but given that the goal is for your changes to be upstreamed, this shouldn't be an issue).

nwt (Member, Author) commented May 25, 2020

Overall my concern was just about future readability and maintenance, but after some more thought I think this approach (with an unsquashed merge) is good.

👍 I was planning to merge this by adding a merge commit.

- if: startsWith(matrix.os, 'windows-')
uses: actions/setup-go@v2
with:
go-version: 1.14.3
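Review bot: `go-version: 1.14.3` pins an exact Go release, but the step is guarded by `if: startsWith(matrix.os, 'windows-')`, so the non-Windows matrix entries build with whatever Go the runner image happens to ship. Pin the same version for every OS (one `setup-go` step without the condition, or the same `go-version` in each), so the artifacts for macOS, Linux and Windows are built with the same toolchain.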


We're using go-version: 1.13 in the zq build, can we use that here for consistency?


@@ -1,45 +1,64 @@
#!/bin/sh -ex

case $(uname -s) in
install_libpcap() {
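Review bot: the new `install_libpcap()` function replaces the `case $(uname -s) in` dispatch but drops the comment that explained why libpcap is compiled from source rather than taken from the OS package ("Compile a recent libpcap, ..."); restore that comment above the function so the next maintainer knows the rationale. Since the per-OS dispatch is gone from the top of the script, also make sure each platform branch that needs it actually calls `install_libpcap`, otherwise the function is defined but never run under `sh -ex`.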


can you add the comment stating why we do this from the removed text ("Compile a recent libpcap, ...")


nwt (Member, Author) commented May 26, 2020

We don't need this any longer, so I removed it from .github/workflows/brim-release.yml in 04df34d.

      # Remove this step when the hosted runners have
      # https://github.com/actions/virtual-environments/pull/632.
      - if: startsWith(matrix.os, 'windows-')
        name: Windows MSYS2 installation
        shell: pwsh
        run: |
          Set-PSDebug -Trace 1
          if (Test-Path C:/msys64) { exit 0 }
          $url = 'http://repo.msys2.org/distrib/x86_64/msys2-base-x86_64-20190524.tar.xz'
          bash -c "curl -LSs $url | tar -xJf - -C /c"
          $env:Path = "C:\msys64\usr\bin"
          # pacman-key is a script, so PowerShell can't run it directly.
          bash -c 'pacman-key --init'
          bash -c 'pacman-key --populate msys2'
          # pacman-key starts gpg-agent, causing breakage if pacman
          # upgrades msys-2.0.dll.
          Stop-Process -Name gpg-agent
          # First update pacman to avoid
          # https://github.com/msys2/MSYS2-packages/issues/1960.
          pacman -Sy --noconfirm pacman
          pacman -Syuu --noconfirm
          pacman -Syuu --noconfirm

@nwt nwt merged commit 14a5a94 into master May 26, 2020
@nwt nwt deleted the windows branch May 26, 2020 17:59
Successfully merging this pull request may close these issues.

Windows Zeek artifact packaging