Add extract_limit_includes_missing option for file extraction

Setting this option to false does not count missing bytes in files towards the
extraction limits, and allows to extract data up to the desired limit,
even when partial files are written.

When missing bytes are encountered, files are now written as sparse
files.

Using this option requires the underlying storage and utilities to support
sparse files.

testing/btest/scripts/base/files/extract/limit-large-hole.zeek

@@ -0,0 +1,38 @@
+# @TEST-EXEC: zeek -C -b -r $TRACES/http/http-large-gap.pcap %INPUT efname=1 FileExtract::default_limit_includes_missing=T
+# @TEST-EXEC: btest-diff --binary extract_files/1
+# @TEST-EXEC: btest-diff 1.out
+# @TEST-EXEC: mv files.log files-1.log
+# @TEST-EXEC: btest-diff files-1.log
+# @TEST-EXEC: zeek -C -b -r $TRACES/http/http-large-gap.pcap %INPUT efname=2 FileExtract::default_limit_includes_missing=F
+# @TEST-EXEC: rm extract_files/2
+# @TEST-EXEC: btest-diff 2.out
+# @TEST-EXEC: mv files.log files-2.log
+# @TEST-EXEC: btest-diff files-2.log
+# @TEST-EXEC: zeek -C -b -r $TRACES/http/http-large-gap.pcap %INPUT efname=3 FileExtract::default_limit_includes_missing=F max_extract=1
+# @TEST-EXEC: rm extract_files/3
+# @TEST-EXEC: btest-diff 3.out
+# @TEST-EXEC: mv files.log files-3.log
+# @TEST-EXEC: btest-diff files-3.log
+
+@load base/files/extract
+@load base/protocols/http
+
+global outfile: file;
+const max_extract: count = 10 &redef;
+const efname: string = "0" &redef;
+
+event file_new(f: fa_file)
+    {
+    Files::add_analyzer(f, Files::ANALYZER_EXTRACT,
+	                    [$extract_filename=efname, $extract_limit=max_extract]);
+    }
+
+event file_extraction_limit(f: fa_file, args: any, limit: count, len: count)
+    {
+    print outfile, "file_extraction_limit", limit, len;
+    }
+
+event zeek_init()
+	{
+	outfile = open(fmt("%s.out", efname));
+	}