After the first 4 bytes, this traffic actually just looks like Ethernet.
Rather than try to re-implement the ethernet analyzer, just check the
length, skip 4 bytes, and pass it on.
* origin/topic/christian/btest-invocation-for-cluster-tests:
CI: remove no longer needed workaround for GITHUB_ACTION env var in cluster tests
CI: directly invoke btest in the cluster testsuite
This resembles the way we also invoke it in ci/test.sh, and "-d"'s direct
console output saves a roundtrip through uploaded artifacts when tests fail.
This skips test retries for now -- not sure we really need it for this
testsuite.
* origin/topic/timw/fix-windows-build:
Fix linking of zeek_build_info on Windows
CI: Enable Windows builds for PRs
Call python explicitly from cmake for collecting repo info on Windows
Rework zeek-inet-ntop snprintf return value handling
* origin/topic/vern/Feb23-C++-maint:
added to C++ script compiler maintainer notes utility of starting with full base script compile
fixes for order-of-initialization in scripts compiled to C++ annotations of such initializations to tie them to the original Zeek script
Fixed bad memory access in compiled-to-C++ scripts when initializing attributes
* origin/topic/timw/2720-vxlan-geneve-confirmation:
Call AnalyzerConfirmation earlier in VXLAN/Geneve analysis
Add validation of session to start of AYIYA/VXLAN/Geneve analysis
This mimics how the Teredo analyzer is already doing it, including
sending a weird if the session is invalid and bailing out if the
protocol was already violated.
An unnecessary overhead of the Hash() method was uncovered for DEBUG builds
due to computing a description of every HashKey() even when the DBG_HASHKEY
stream is not enabled. Squelch it.
This adds a new utility called ci/collect-repo-info.py to produce a JSON
document that is then baked into the Zeek executable file. Further, when
creating a tarball via `make dist`, put a top-level repo-info.json file
in place that is picked when no .git directory exists.
Closes#1405
* Add ci/find-current-version.sh to figure out versions of lts and
feature branch based on repository state.
* Do not use ZEEK_IMAGE_REPO for the local images that
are expected to exist.
* Only use IMAGE_NAME/IMAGE_TAG instead of the ARCH and MANIFEST
versions that contained the very same values
* Support and push additional tags
In addition to the lts and feature tags, also push the base version
tags. 5.0 or 5.1 such that someone pulling zeek/zeek:5.0 will get
the most recent available 5.0 patch release.
