Merge branch 'known_services_multiprotocols' of https://github.com/mauropalumbo75/zeek

* 'known_services_multiprotocols' of https://github.com/mauropalumbo75/zeek:
  improve logging with broker store
  drop services starting with -
  remove service from key for Cluster::publish_hrw
  remove check for empty services
  update tests
  order list of services in store key
  remove repeated services in logs if already seen
  add multiprotocol known_services when Known::use_service_store = T
  remove hyphen in front of some services (for example -HTTP, -SSL)   In some cases, there is an hyphen before the protocol name in the field   connection$service. This can cause problems in known_services and   is removed here. It originates probably in some analyzer where it   would be better removed in the future.
  add multiprotocol known_services when Known::use_service_store = F

Changes during merge:
  * whitespace
  * add unit test

testing/btest/Baseline/scripts.policy.protocols.conn.known-services-multi/known_services.log

@@ -0,0 +1,11 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	known_services
+#open	2019-08-09-17-38-17
+#fields	ts	host	port_num	port_proto	service
+#types	time	addr	port	enum	set[string]
+1455718916.856316	192.168.2.230	443	tcp	SSH
+1455718922.796688	192.168.2.230	443	tcp	SSL
+#close	2019-08-09-17-38-18

testing/btest/scripts/policy/protocols/conn/known-services-multi.zeek

@@ -0,0 +1,7 @@
+# A test case for when more than a single service is detected for a given
+# (addr, port) pair.
+
+# @TEST-EXEC: zeek -C -r $TRACES/ssl-and-ssh-using-sslh.trace %INPUT "Known::service_tracking = ALL_HOSTS"
+# @TEST-EXEC: btest-diff known_services.log
+
+@load protocols/conn/known-services

testing/external/commit-hash.zeek-testing

@@ -1 +1 @@
-5e5a5e8dbb94215a7ca1def810f4bbe0322bc72e
+dc6a8f1de9f3b298406051282abcaa6e8f198695

testing/external/commit-hash.zeek-testing-private

@@ -1 +1 @@
-b7cf5aa8224fb39baf7497d187f48165fad050da
+fdfcdffd464fd2114be03feacfd075d73a8b1ef9