The number of args being passed to the put() methods was getting to be
fairly long, with more on the horizon. Changing to a record means simplifying
things a little bit.
This change revamps SSH banner parsing. The previous behavior was both
a bit too strict in some regards, and too permissive in other.
Specifically, clients are now required to send a line starting with
"SSH-" as the first line. This is in line with the RFC, as well with
observed behavior. This also prevents the creation of `ssh.log` for
non-SSH traffic on port 22.
For the server side, we now accept text before the SSH banner. This
previously led to a protocol violation but is allowed by the spec.
New tests are added to cover these cases.
* origin/topic/awelzel/4136-cluster-websocket-support:
ci/opensuse-tumpleweed: Bust cache
ci/macos/prepare: Install python@3 explicitly
cluster/websocket: Implement WebSocket server
cluster/websocket: Add IXWebsocket submodule
ci/alpine: Install openssl package for testing
ci: Install websockets from pip for all distros
auxil/libunistd: Bump for ssize_t typedef
auxil/broker: Bump to latest master version
cluster/zeromq: Catch log_push.send() exception
cluster/zeromq: Catch exceptions as const zmq::error_t&
cluster/zeromq: No assert on inproc handling
cluster/zeromq: Support configuring IO threads for proxy thread
cluster/zeromq: Move variable lookups from DoInit() to DoInitPostScript()
cluster/zeromq: Handle EINTR at shutdown
cluster/zeromq: Queue one message at a time
cluster/Backend: Queue a single message only
cluster/zeromq: Adapt for OnLoopProcess changes
cluster/ThreadedBackend: Switch to OnLoopProcess
cluster/OnLoop: Introduce helper template class
serializer/broker: Expose to_broker_event() and to_zeek_event()
Got a build failure because the old container images had python3-devel
for Python3.11 or something older, but then prepare.sh would install
Python 3.13 and Zeek's configure failing due to trying to find the
devel headers from python313-devel which wasn't installed by prepare.sh
It seems Homebrew's Python 3.12 doesn't install default symlinks or
python3 symlinks[1]. I believe this results in prepare.sh using the
system's Python rather than Homebrew's. Install python@3 explicitly
to put the symlinks in place.
[1] https://stackoverflow.com/a/77655631
Using file_state_remove() or file_sniff() would previously crash with the
spicy-zip file analyzer. We don't have spicy-zip here, so it's not a
proper reproducer, but still makes sense to test these events.
f5ff7c4 version: 0.15.0
2a48143 docker/fedora: Bust cache and ensure sqlite-libs is updated
05e5f57 Executor: Unblock SIGTERM in thread
46496b9 Instance: Remove unsued variable
c3b3c86 Instance: Offload JavaScript invocations to executor thread
09e311f Introduce Executor helper
Mainly, run JavaScript on a separate thread for interoperability with
Spicy fiber stacks.
Closes#4239
The cluster/websocket tests were developed against websockets 14.2,
but Ubuntu and Alpine ship too old versions. Switch to installing
the latest version from pip instead, so we don't need to bother making
tests compatible with very old Python packages shipped by distributions.
The ZeroMQ backend would accumulate multiple messages and enqueue them
all at once. However, as this could potentially result in huge batches
of events being queued into the event loop at once, switch to a one
message at a time model. If there's too many messages queued already,
OnLoop::QueueForProcessing() will block the ZeroMQ thread until
there's room available again.
