* security/topic/awelzel/125-ftp-timeout-three:
testing/ftp: Add tests and pcaps with invalid reply lines
ftp: Harden reply handing a bit and don't raise bad replies to script-land
ftp: ignore invalid commands
* origin/topic/robin/zeek-spicy-infra:
Switch to shared Spicy libraries by default.
Provide infrastructure to migrate legacy analyzers to Spicy.
Extend Zeekygen manager with method to check if it's active.
This should work now. It affects only the toolchain libraries
`libhilti`/`libspicy`. the runtime libraries `libhilti-rt` and
`libspicy-rt` are always built static (but they are small). Zeek
itself doesn't link against the toolchain anymore now anyways, but a
number of the Spicy tools do.
Note, we have an issue with Broker I believe: it looks like it always
overrides BUILD_SHARED_LIBS to `OFF`
Addresses #2675.
As initial examples, this branch ports the Syslog and Finger analyzers
over. We leave the old analyzers in place for now and activate them
iff we compile without any Spicy.
Needs `zeek-spicy-infra` branches in `spicy/`, `spicy-plugin/`,
`CMake/`, and `zeek/zeek-testing-private`.
Note that the analyzer events remain associated with the Spicy plugin
for now: that's where they will show up with `-NN`, and also inside
the Zeekygen documentation.
We switch CMake over to linking the runtime library into the plugin,
vs. at the top-level through object libraries.
* origin/topic/awelzel/2674-arm64-containers-on-cirrus:
cirrus/containers: Do not install btest pcaps
cirrus: Replace curl with _cache
cirrus: Add cluster testing
cirrus: Polish container_image_manifest_docker_builder
cirrus: Use ccache for faster container builds
cirrus: Add docker_builder tasks to build and push images
github: No more docker workflow
* topic/awelzel/topic/awelzel/2698-sqlite-backend-options:
broker/store: Extend SQLiteOptions around data safety and performance
auxil/broker: Bump submodule
Add configurability of synchronous and journal_mode for SQLite backed
Broker data stores. Setting these to synchronous=normal and journal_mode=wal
can significantly improve throughput at the cost of some durability in
the presence of power loss or OS crash. In the context of Zeek, this is
likely more than acceptable.
Additionally, add integrity_check and failure_mode options to support deleting
and re-opening a corrupted SQLite database at store creation.
Closes#2698
b41a4bf06d removed a field from this record
because it had a duplicate name as another field. The field does need to
exist, but it needs the correct name.
* origin/topic/timw/pvs-studio-findings:
Add tooling section to README
A bunch of other minor issues reported by PVS-Studio
Simplify setup of IPv6 DNS resolvers
Add missing assignment operators to RobustDictIterator
Fix some member-variable shadowing issues
Fix/simplify some if statement comparisons
Fix a few minor int pointer value initializations
Fix a bunch of missing class member initializations
Remove unnecessary virtual specifiers from final classes
