* origin/topic/awelzel/tcp-reassembler-undelivered-data-match-bool-bool-bool-confusion:
TCP_Reassembler: Fix IsOrig() position in Match() call
(cherry picked from commit 4a4cbf2576)
* topic/christian/localversion:
Parse and store localversion string
Remove commented-out code
Check ZEEK_VERSION_LOCAL for dashes
Update version string btests for localversion
Modify version parsing for localversion
Update version used by spicyz
Update build script
Support for configurable localversion
(cherry picked from commit d09584e52e)
* topic/christian/3671-fix-icmp-caplen-violations:
Factor in caplens in ICMPAnalyzer::DeliverPacket length calculations
(cherry picked from commit 7fdbb73511)
There's something wrong with chocolatey's OpenSSL 3.2.0 package that
causes cmake to not be able to find libcrypto even though it's clearly
in the directory. Pinning to 3.1.1 fixes the build issue.
(cherry picked from commit 5a7c482a0f)
OSS-Fuzz managed to produce a MIME multipart message construction with
thousands of nested entities (or that's what Zeek makes out of it anyhow).
Prevent such deep analysis by capping at a nesting depth of 100,
preventing unnecessary resource usage. A new weird named exceeded_mime_max_depth
is reported when this limit is reached.
This change reduces the runtime of the OSS-Fuzz reproducer from ~45 seconds
to ~2.5 seconds.
The test PCAP was produced from a Python script using the email package
and sending the rendered version via POST to a HTTP server.
Closes#208
(cherry picked from commit 4e5849fe82c6097df5d25cd1a74d69ab4fa50f46)
* origin/topic/christian/release-6.0-ci-updates:
CI: Remove unused openssl30_config
ci: Remove ZEEK_CI_DISABLE_SCRIPT_PROFILING logic
CI: Move Debian variations from 11 to 12
CI: Add Ubuntu 23.10
CI: Drop openSUSE Leap 15.4, about to EOL.
CI: FreeBSD 14 is out now, 12 is about to EOL.
CI: distro EOL comment tweaks
CI: drop Fedora 37, add Fedora 39
CI: Install missing packages on opensuse
CI: Use other base64 options on macOS Sonoma too
CI: Add macOS Sonoma build, remove macOS Monterey build
Fix tests so they work both with GNU and BSD tools
Install libmaxminddb in macOS CI
CI: Pass -A flag to btest for cluster-testing builds
CI: Add more logging during docker builds
CI: disable Spicy on CentOS 7
CI: Disable spicy on arm_debian11 and opensuse_leap_15_4 builds
CI: Remove sanitizers resource template
Enable ccache-backed Spicy JIT for users of developer scripts.
Add OpenSUSE Leap 15.5 to ci
To my knowledge this doesn't make a huge difference anymore and locally
I'm only using ASAN builds. It's not actually too slow.
(cherry picked from commit 344369f169)
This switches the ARM and static builds from 11 to 12. x86 and ARM now build by
default, and 11 only with fullci. 10 remains as-is, because we like to torture
ourselves.
(cherry picked from commit 4f6c25bb91)
