Add handling for IPv6 extension header chains (addresses #531)

- The script-layer 'pkt_hdr' type is extended with a new 'ip6' field
  representing the full IPv6 header chain.

- The 'new_packet' event is now raised for IPv6 packets (addresses #523)

- A new event called 'ipv6_ext_header' is raised for any IPv6 packet
  containing extension headers.

- A new event called 'esp_packet' is raised for any packets using ESP
  ('new_packet' and 'ipv6_ext_header' events provide connection info,
  but that info can't be provided here since the upper-layer payload
  is encrypted).

- The 'unknown_protocol' weird is now raised more reliably when Bro
  sees a transport protocol or IPv6 extension header it can't handle.
  (addresses #522)

Still need to do IPv6 fragment reassembly and needs more testing.
Jon Siwek 2012-03-02 20:01:01 -06:00
parent 0639487aad
commit eb9f686bb2
11 changed files with 724 additions and 110 deletions

@ -79,7 +79,7 @@ public:
// Returns a reassembled packet, or nil if there are still
// some missing fragments.
FragReassembler* NextFragment(double t, const IP_Hdr* ip,
const u_char* pkt, uint32 frag_field);
const u_char* pkt);
int Get_OS_From_SYN(struct os_type* retval,
uint16 tot, uint8 DF_flag, uint8 TTL, uint16 WSS,
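Review bot: the comment above NextFragment describes only the return value, and with frag_field removed from the signature nothing here says where the fragment offset and flags now come from. Please extend the comment to state that they are read from the IP_Hdr, and what the function does when that IP_Hdr wraps an IPv6 packet, since the commit message says IPv6 fragment reassembly is not done yet. It would also help to say whether pkt points at the start of the IP header or at the payload.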
@ -193,7 +193,13 @@ protected:
// Builds a record encapsulating a packet. This should be more
// general, including the equivalent of a union of tcp/udp/icmp
// headers .
Val* BuildHeader(const struct ip* ip);
Val* BuildHeader(const IP_Hdr* ip);
// For a given protocol, checks whether the header's length as derived
// from lower-level headers or the length actually captured is less
// than that protocol's minimum header size.
bool CheckHeaderTrunc(int proto, uint32 len, uint32 caplen,
const struct pcap_pkthdr* hdr, const u_char* pkt);
CompositeHash* ch;
PDict(Connection) tcp_conns;
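Review bot: the comment on CheckHeaderTrunc does not say what the bool return value means, nor why the function needs hdr and pkt in addition to len and caplen. A caller cannot tell from "checks whether ... is less than that protocol's minimum header size" whether true means "truncated, drop the packet" or "header is fine". Suggest adding a line such as "Returns true if the header is truncated" and noting whether the function itself reports the truncation (which would explain the hdr and pkt parameters). The BuildHeader comment could also mention that the record now covers the IPv6 header chain, since the parameter changed from struct ip to IP_Hdr.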