Merge branch 'master' into osquery_plugin

Author: havraji6

.github/workflows/c-cpp.yml

@@ -1,4 +1,4 @@
-name: C/C++ CI
+name: Build and Checks
 
 on:
   push:
@@ -13,19 +13,32 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
+      with:
+        submodules: recursive
     - name: Install dependencies
       run: |
         sudo apt-get update
-        sudo apt-get -y install git build-essential autoconf libtool libpcap-dev pkg-config libxml2-dev
+        sudo apt-get -y install git build-essential autoconf libtool libpcap-dev pkg-config libxml2-dev libunwind-dev
         ( git clone --depth 1 https://github.com/CESNET/nemea-framework /tmp/nemea-framework; cd /tmp/nemea-framework; ./bootstrap.sh &&./configure --bindir=/usr/bin/nemea/ -q &&make -j10 && sudo make install; sudo ldconfig)
         ( git clone --depth 1 https://github.com/CESNET/nemea-modules /tmp/nemea-modules; cd /tmp/nemea-modules; ./bootstrap.sh &&./configure --bindir=/usr/bin/nemea/ -q &&make -j10 && sudo make install; )
     - name: autoreconf
       run: autoreconf -i
     - name: configure
-      run: ./configure --with-nemea
+      run: ./configure --with-raw --with-pcap --with-nemea --with-gtest
     - name: make
       run: make
     - name: make check
       run: make check
     - name: make distcheck
       run: make distcheck
+    - name: configure with debug
+      run: ./configure --with-raw --with-pcap --with-nemea --with-gtest --enable-debug CXXFLAGS=-coverage CFLAGS=-coverage LDFLAGS=-lgcov
+    - name: rebuild and check
+      run: make clean; make check
+    - uses: codecov/codecov-action@v1
+      with:
+        flags: tests # optional
+        name: ipfixprobe # optional
+        fail_ci_if_error: true # optional (default = false)
+        verbose: true # optional (default = false)
+

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,67 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '33 12 * * 6'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'cpp' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    - name: Install dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get -y install git build-essential autoconf libtool libpcap-dev pkg-config libxml2-dev
+        ( git clone --depth 1 https://github.com/CESNET/nemea-framework /tmp/nemea-framework; cd /tmp/nemea-framework; ./bootstrap.sh &&./configure --bindir=/usr/bin/nemea/ -q &&make -j10 && sudo make install; sudo ldconfig)
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    #- name: Autobuild
+    #  uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+    - name: Build
+      run: |
+        autoreconf -i
+        ./configure --with-nemea
+        make
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/coverity.yml

@@ -0,0 +1,54 @@
+name: coverity
+
+on:
+  push:
+    branches: 'coverity'
+  pull_request:
+    branches: 'master'
+    
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Install dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get -y install git build-essential autoconf libtool libpcap-dev pkg-config libxml2-dev
+        ( git clone --depth 1 https://github.com/CESNET/nemea-framework /tmp/nemea-framework; cd /tmp/nemea-framework; ./bootstrap.sh &&./configure --bindir=/usr/bin/nemea/ -q &&make -j10 && sudo make install; sudo ldconfig)
+        ( git clone --depth 1 https://github.com/CESNET/nemea-modules /tmp/nemea-modules; cd /tmp/nemea-modules; ./bootstrap.sh &&./configure --bindir=/usr/bin/nemea/ -q &&make -j10 && sudo make install; )
+    - name: autoreconf
+      run: autoreconf -i
+    - name: configure
+      run: ./configure --with-nemea
+    - name: Download Coverity Build Tool
+      run: |
+        wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=CESNET%2Fipfixprobe" -O cov-analysis-linux64.tar.gz
+        mkdir cov-analysis-linux64
+        tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64
+      env:
+        TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+    - name: Fixed world writable dirs
+      run: |
+        chmod go-w $HOME
+        sudo chmod -R go-w /usr/share
+    - name: Build with cov-build
+      run: |
+        export PATH=`pwd`/cov-analysis-linux64/bin:$PATH
+        cov-build --dir cov-int make
+    - name: Submit the result to Coverity Scan
+      run: |
+        tar czvf project.tgz cov-int
+        curl \
+          --form project=CESNET%2Fipfixprobe \
+          --form token=$TOKEN \
+          --form [email protected] \
+          --form [email protected] \
+          --form version=trunk \
+          --form description="ipfixprobe build" \
+          https://scan.coverity.com/builds?project=CESNET%2Fipfixprobe
+      env:
+        TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+

.gitignore

@@ -94,12 +94,12 @@ libtool
 fields.c
 fields.h
 ipfixprobe-nemea.*
-ipfixprobe
+./ipfixprobe
 ipfixprobe-*.tar.gz
 
 # Test Outputs
 tests/*.log
 tests/*.trs
-tests/test_output/
+tests/output/
 
 

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "googletest"]
+	path = googletest
+	url = https://github.com/google/googletest.git

ChangeLog

@@ -1,3 +1,39 @@
+2021-08-18 ipfixprobe-3.2.1
+	* bugfix parser overflows due bug in old version of libpcap
+
+2021-07-28 ipfixprobe-3.2.0
+	* improved code doc
+	* tlsplugin: fixed out of bounds write to an array
+	* ipfix: Minor changes
+
+2021-07-23 ipfixprobe-3.1.1
+	* systemd: added restart on failure
+	* added stacktrace print on segmentation fault
+	* added export of flowEndReason IPFIX field
+	* rpm: packages are compiled with libunwind
+
+2021-07-21 ipfixprobe-3.1.0
+	* http: updated HTTP IPFIX element identifiers
+	* ghactions: add coverity and codecov
+	* improved systemd service
+	* build: fixed errors on turris and tplink
+	
+2021-06-08 ipfixprobe-3.0.0
+	* added multi-thread version of ipfixprobe
+	* added wireguard plugin
+	* support cygwin compatibility
+	* bugfixes: RTSP plugin, build, memory
+	* updated tests - test for WireGuard plugin
+	
+2021-02-27 ipfixprobe-2.19.0
+	* added phist plugin - histograms of packets
+	* added bstats plugin - burst characteristics of flows
+	* added netbios support
+	* improved basic fields
+	* bugfixes: build, payload size
+	* maintenance: improved IPFIX basiclist representation
+	* updated tests - new timestamp precision
+
 2020-11-01 ipfixprobe-2.18.0
 	* add IDPContent plugin (initial data from packet payload)
 	* updated create_plugin.sh