These allow packet analyzers to register ports as identifiers to forward from
parent analyzers, while also adding those ports to the now-global
Analyzer::ports table at the same time.
This allows us to create an EnumType that groups all of the analyzer
tag values into a single type, while still having the existing types
that split them up. We can then use this for certain events that benefit
from taking all of the tag types at once.
- Remove tag types for each component type (analyzer, etc)
- Add deprecated versions of the old types
- Remove unnecessary tag element from templates for TaggedComponent and ComponentManager
- Enable TaggedComponent to pass an EnumType when initializing Tag objects
- Update some tests that are affected by the tag enum values changing order
This commit fixes the compile-time warnings that OpenSSL 3.0 raises for
our source-code. For the cases where this was necessary we now have two
implementations - one for OpenSSL 1.1 and earlier, and one for OpenSSL
3.0.
This also makes our testsuite pass with OpenSSL 3.0
Relates to GH-1379
* topic/AbdelSaTd/case-insensitive-find:
testing-do-find-str_case-insensitive
case-insensitive-search-features-for-do_find_str
I did a few small style-fixes while merging this and expanded the test
a bit. I also removed unecessary commits.
Closes GH-1828
* origin/topic/robin/gh-1757-loadfile2:
Tweaking a couple of debug message.
Add new hook `HookLoadFileExtended` that allows plugins to supply Zeek script code to parse.
Move logic to execute `HookLoadFile` for signatures into rule matcher code.
* origin/topic/bbannier/issue-1780:
Add Github action exercising pre-commit
Add pre-commit config.
Format code with `clang-format`
Remove stale files `src/DebugCmdInfoConstants.*`
Disable formatting for files in `testing/btest/plugins`
Move 3rdparty source files to `3rdparty/`
Files in that folder were previously not formatted. With this patch we
now disable formatting in that folder explicitly by adding a dedicated
`clang-format` config which deactivates any formatting changes.
The new hooks works similar to the existing `HookLoadFile` but,
additionally, allows the plugin to return a string that contains the
code to be used for the file being loaded. If the plugin does so, the
content of any actual file on disk will be ignored (in fact, there
doesn't even need to be a file on disk in that case). This works for
both Zeek scripts and signatures.
There's a new test that covers the new functionality, testing loading
both scripts and signatures from memory. I also manually tested that the
debugger integration works, but I don't see much of a way to add a
regression test for that part.
We keep the existing hook as well for backwards compatibility. We could
decide to deprecate it, but not sure that buys us much, so left that
out.
Closes#1757.
This (1) fixes an issue where signature files supplied on the command
line wouldn't pass through the hooks, and (2) prepares for allowing
hooks to supply the content of a signature file directly.
When checksum offloading is enabled, we now forward packets that
have 0 header lengths set - and assume that they have TSO enabled.
If checksum offloading is not enabled, we drop the packets.
Addresses GH-1829
* origin/topic/vern/remove-uu:
fix up for linking w/ doc update
documentation update
script simplification that removes an unnecessary &is_assigned
removing -uu functionality and associated script analysis now no longer needed
- Expand language.set to cover sets of sets
- Expand language.table to cover tables indexed with tables
- Add language.table-nested-set-ordering to capture the reproducer from GHI-1753
Changes during merge:
- Add dedicated test (w/ trace "client_timestamp_enabled.pcapng" from Cloudshark)
- Change types from signed to unsigned.
- Add cast for bit-shifting operand.
- clang-format run
* origin/topic/seth/tsv-logs-utf8-by-default:
Fix mis-usage of string::append that leads to an overflow
Use json_escape_utf8 for all utf8 data in ODesc
Switch the TSV Zeek logs to be UTF8 by default.
