From f978db91f2a94e341744f8a3f44728b4e853ccaa Mon Sep 17 00:00:00 2001 From: Phil Rzewski Date: Mon, 15 Jan 2024 12:42:35 -0800 Subject: [PATCH 1/3] Add workaround for zeek/3534 on Windows --- .github/workflows/release.yml | 2 +- release.sh | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f12df32..4763da2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -109,7 +109,7 @@ jobs: - name: Finish packaging artifact run: ./release.sh - shell: sh + shell: bash - name: Upload artifact uses: actions/upload-artifact@v4 diff --git a/release.sh b/release.sh index 1eadb1a..9ae1f53 100755 --- a/release.sh +++ b/release.sh @@ -1,4 +1,4 @@ -#!/bin/sh -ex +#!/bin/bash -ex case $(uname) in Darwin|Linux) @@ -75,6 +75,11 @@ install_zeek_package salesforce/hassh 76a47abe9382109ce9ba530e7f1d7014a4a95209 install_zeek_package salesforce/ja3 421dd4f3616b533e6971bb700289c6bb8355e707 echo "@load policy/protocols/conn/community-id-logging" | $sudo tee -a /usr/local/zeek/share/zeek/site/local.zeek +# Work around https://github.com/zeek/zeek/issues/3534 on Windows +[[ $(uname) =~ "NT" ]] && + mv /usr/local/zeek/share/zeek/site/local.zeek /usr/local/zeek/share/zeek/site/local.zeek.orig && + sed 's/^@load protocols\/ssh\/interesting-hostnames/#@load protocols\/ssh\/interesting-hostnames # https:\/\/github.com\/zeek\/zeek\/issues\/3534 workaround/; s/^@load frameworks\/files\/detect-MHR/#@load frameworks\/files\/detect-MHR # https:\/\/github.com\/zeek\/zeek\/issues\/3534 workaround/' /usr/local/zeek/share/zeek/site/local.zeek.orig > /usr/local/zeek/share/zeek/site/local.zeek + # # Create zip file. # From 48a82f0a0d26b01db6bdd300670f7876b9306d68 Mon Sep 17 00:00:00 2001 From: Phil Rzewski Date: Tue, 16 Jan 2024 12:08:47 -0800 Subject: [PATCH 2/3] PR feedback: Make sed more readable Co-authored-by: Noah Treuhaft --- release.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/release.sh b/release.sh index 9ae1f53..9631951 100755 --- a/release.sh +++ b/release.sh @@ -77,8 +77,10 @@ echo "@load policy/protocols/conn/community-id-logging" | $sudo tee -a /usr/loca # Work around https://github.com/zeek/zeek/issues/3534 on Windows [[ $(uname) =~ "NT" ]] && - mv /usr/local/zeek/share/zeek/site/local.zeek /usr/local/zeek/share/zeek/site/local.zeek.orig && - sed 's/^@load protocols\/ssh\/interesting-hostnames/#@load protocols\/ssh\/interesting-hostnames # https:\/\/github.com\/zeek\/zeek\/issues\/3534 workaround/; s/^@load frameworks\/files\/detect-MHR/#@load frameworks\/files\/detect-MHR # https:\/\/github.com\/zeek\/zeek\/issues\/3534 workaround/' /usr/local/zeek/share/zeek/site/local.zeek.orig > /usr/local/zeek/share/zeek/site/local.zeek + sed -i \ + -e 's|^@load protocols/ssh/interesting-hostnames|#\0 # https://github.com/zeek/zeek/issues/3534 workaround|' \ + -e 's|^@load frameworks/files/detect-MHR|#\0 # https://github.com/zeek/zeek/issues/3534 workaround|' \ + /usr/local/zeek/share/zeek/site/local.zeek # # Create zip file. From 3e96886e2b661a0c4062152a31638a37ec30a41d Mon Sep 17 00:00:00 2001 From: Phil Rzewski Date: Tue, 16 Jan 2024 12:10:13 -0800 Subject: [PATCH 3/3] Drop extra space char --- release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release.sh b/release.sh index 9631951..fbacfdd 100755 --- a/release.sh +++ b/release.sh @@ -79,7 +79,7 @@ echo "@load policy/protocols/conn/community-id-logging" | $sudo tee -a /usr/loca [[ $(uname) =~ "NT" ]] && sed -i \ -e 's|^@load protocols/ssh/interesting-hostnames|#\0 # https://github.com/zeek/zeek/issues/3534 workaround|' \ - -e 's|^@load frameworks/files/detect-MHR|#\0 # https://github.com/zeek/zeek/issues/3534 workaround|' \ + -e 's|^@load frameworks/files/detect-MHR|#\0 # https://github.com/zeek/zeek/issues/3534 workaround|' \ /usr/local/zeek/share/zeek/site/local.zeek #