Merge remote-tracking branch 'origin/topic/awelzel/4198-4201-quic-maintenance'

* origin/topic/awelzel/4198-4201-quic-maintenance:
  QUIC/decrypt_crypto: Rename all_data to data
  QUIC: Confirm before forwarding data to SSL
  QUIC: Parse all QUIC packets in a UDP datagram
  QUIC: Only slurp till packet end, not till &eod

(cherry picked from commit 44304973fb)

testing/btest/scripts/base/protocols/quic/analyzer-confirmations.zeek

@@ -0,0 +1,15 @@
+# @TEST-DOC: Test the order of analyzer confirmations for QUIC and SSL, QUIC should come first.
+
+# @TEST-REQUIRES: ${SCRIPTS}/have-spicy
+# @TEST-EXEC: zeek -Cr $TRACES/quic/chromium-115.0.5790.110-api-cirrus-com.pcap %INPUT >out
+# @TEST-EXEC: zeek-cut -m ts uid history service < conn.log > conn.log.cut
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff out
+# @TEST-EXEC: btest-diff conn.log.cut
+
+@load base/protocols/quic
+
+
+event analyzer_confirmation_info(atype: AllAnalyzers::Tag, info: AnalyzerConfirmationInfo)
+	{
+	print "analyzer_confirmation", network_time(), info$c$uid, atype;
+	}

testing/btest/scripts/base/protocols/quic/merlinc2.zeek

@@ -0,0 +1,8 @@
+# @TEST-DOC: Test PCAP for Merlin C2 from issue #4198
+
+# @TEST-REQUIRES: ${SCRIPTS}/have-spicy
+# @TEST-EXEC: zeek -Cr $TRACES/quic/merlinc2_Zeek_example.pcapng base/protocols/quic
+# @TEST-EXEC: zeek-cut -m ts uid history service < conn.log > conn.log.cut
+# @TEST-EXEC: btest-diff conn.log.cut
+# @TEST-EXEC: btest-diff ssl.log
+# @TEST-EXEC: btest-diff quic.log