quic: Integrate as default analyzer

2025-10-02 14:48:21 +00:00 · 2023-09-21 18:40:39 +02:00 · 2023-09-21 18:40:39 +02:00 · ee827eecf7
commit ee827eecf7
parent d0d461ec13
4 changed files with 24 additions and 21 deletions
--- a/scripts/base/init-default.zeek
+++ b/scripts/base/init-default.zeek
@ -66,6 +66,7 @@
@load base/protocols/ntlm
@load base/protocols/ntp
@load base/protocols/pop3
@load base/protocols/quic
@load base/protocols/radius
@load base/protocols/rdp
@load base/protocols/rfb
--- a/scripts/base/protocols/quic/load.zeek
+++ b/scripts/base/protocols/quic/load.zeek
@ -1,2 +1,4 @@
@ifdef ( Analyzer::ANALYZER_QUIC )
@load ./consts
@load ./main
@endif
--- a/src/analyzer/protocol/CMakeLists.txt
+++ b/src/analyzer/protocol/CMakeLists.txt
@ -28,6 +28,7 @@ add_subdirectory(ntlm)
 add_subdirectory(ntp)
 add_subdirectory(pia)
 add_subdirectory(pop3)
 add_subdirectory(quic)
 add_subdirectory(radius)
 add_subdirectory(rdp)
 add_subdirectory(rfb)
--- a/src/analyzer/protocol/quic/CMakeLists.txt
+++ b/src/analyzer/protocol/quic/CMakeLists.txt
@ -1,23 +1,22 @@
-spicy_add_analyzer(
+if (OPENSSL_VERSION VERSION_GREATER_EQUAL "1.1.0")
-    NAME QUIC
+    spicy_add_analyzer(NAME QUIC PACKAGE_NAME QUIC SOURCES QUIC.spicy QUIC.evt decrypt_crypto.cc)
    PACKAGE_NAME QUIC
    SOURCES QUIC.spicy QUIC.evt
    SCRIPTS __load__.zeek main.zeek
    CXX_LINK ${CMAKE_CURRENT_BINARY_DIR}/libdecrypt_crypto.a)
-add_dependencies(QUIC decrypt_crypto)
+    # spicy_QUIC target is conditionally created by spicy_add_analyzer()
    if (TARGET spicy_QUIC)
        # I don't think this is actually needed as there's an unconditional
        # include_directories(BEFORE ${OPENSSL_INCLUDE_DIR}) at the top-level.
        target_include_directories(spicy_QUIC PRIVATE "${OPENSSL_INCLUDE_DIR}")
    endif ()
 else ()
    message(
        STATUS
            "Warning: QUIC analyzer unavailable - requires OpenSSL 1.1 or later (found ${OPENSSL_VERSION})"
    )
 endif ()
-find_program(SPICY_CONFIG name spicy-config REQUIRED)
+# Allow tests to introspect availability of the QUIC analyzer.
-execute_process(
+if (TARGET spicy_QUIC)
-    COMMAND ${SPICY_CONFIG} --include-dirs
+    set(ZEEK_HAVE_ANALYZER_QUIC yes CACHE INTERNAL "Zeek has QUIC protocol parser support")
-    OUTPUT_VARIABLE SPICY_INCLUDE_DIRS)
+else ()
-string(REPLACE " " ";" SPICY_INCLUDE_DIRS ${SPICY_INCLUDE_DIRS})
+    set(ZEEK_HAVE_ANALYZER_QUIC no CACHE INTERNAL "Zeek has QUIC protocol parser support")
-
+endif ()
 find_package(OpenSSL REQUIRED)
 add_library(decrypt_crypto STATIC decrypt_crypto.cc)
 set_target_properties(
    decrypt_crypto PROPERTIES
    CXX_STANDARD 17
    POSITION_INDEPENDENT_CODE ON)
 target_include_directories(decrypt_crypto PRIVATE "${OPENSSL_INCLUDE_DIR}" "${SPICY_INCLUDE_DIRS}")
 target_link_libraries(decrypt_crypto ${OpenSSL_LIBRARIES})