* origin/topic/vlad/bogon:
Zeekygen doesn't support comments on set members
Add 6to4 addresses, if the matching IPv4 address is private
Update Site::private_address_space to latest IANA networks
* topic/christian/cluster-controller:
Add a cluster controller testcase for agent-controller checkin
Add zeek-client via new submodule
Update baselines affected by cluster controller changes
Introduce cluster controller and cluster agent scripting
Establish a separate init script when using the supervisor
Add optional bare-mode boolean flag to Supervisor's node configuration
Add support for making the supervisor listen for requests
Add support for setting environment variables via supervisor
* origin/topic/timw/1644-patricia-calloc-size:
GH-1644: Pass a larger structure to be calloc'd in patricia.c
Fix multiple spelling errors in debug output
* origin/topic/seth/subproject-build:
Removing a fix from another branch
Update binpac pointer
Update bifcl and binpac for building Zeek as a submodule
Updated the cmake pointer
Fix the builtin plugin preload mechanism
Update submodule pointer for cmake to point at the appropriate branch
Switch to more accurate source and binary references in cmake
* origin/topic/johanna/gh-859:
Add X509/SSL changes to NEWS
X509: add check if function succeeds
GH-1634: Address feedback
Small indentation fixes in ssl-log-ext.zeek
Fix memory leak in x509_check_cert_hostname bif
Small bugfix and updates for external test hashes (SSL/X509)
Baseline updates for recent SSL changes.
Add ability to check if hostname is valid for a specific cert
Add ssl_history field to ssl.log
Add policy script suppressing certificate events
Add new ssl-log-ext policy script
Deprecate extract-certs-pem.zeek and add log-certs-base64.zeek
Implement X509 certificate log caching
Deprecate ICSI SSL notary script.
Change SSL and X.509 logging format
Enable OCSP logging by default.
Split the code that handles X509 event hashing into its own file
Closes GH-859
* topic/christian/global-log-filter-hooks:
Bump docs to pull in new log filter hooks documentation
Add a global log policy hook to the logging framework
* origin/topic/vern/CPP-workflow2:
low-level coding style fixes
support for standalone compiled scripts to export globals with module qualifiers
updates for documentation of functionality for compiling scripts to C++
fixes for standalone C++ scripts making types & variables/functions available
fixed bug limiting availability of load_CPP() BiF
updates to development helper scripts to support new workflow
simpler workflow for -O gen-C++ ; also some hooks for -O gen-standalone-C++
ReplaceBody now deletes a body if the replacement is nil
removal of can't-actually-be-executed code
* origin/topic/seth/small-builtin-plugin-fixes:
Fix tests
Removed a non-functional builtin plugin preload loading mechanism
Load the builtin-plugin preload files and fix the dev path.
GH-1216: Enable Mobile IPv6 support by default (Tim Wojtulewicz, Corelight)
* origin/topic/timw/1216-enable-mobile-ipv6:
GH-1216: Enable Mobile IPv6 support by default
* origin/topic/vern/ZAM-prep: (45 commits)
whoops overlooked the need to canonicalize filenames
another set of tweaks per review comments
addressed a number of code review comments
baseline updates for merge
support "any" coercions for "-O gen-C++"
better descriptions for named record constructors
test suite baseline updates for "-a opt" optimize-AST alternative
test suite baseline updates for "-a xform" alternative / AST transformation
error propagation fix for AST reduction
updates to "-a inline" test suite alternative baseline
updates for the main test suite baseline
updates to test suite tests for compatibility with upcoming ZAM functionality
"-O compile-all" option to specify compilation of inlined functions
compile inlined functions if they're also used indirectly
provide ZAM-generated code with low-level access to record fields
fix for cloning records with fields of type "any"
direct access for ZAM to VectorVal internal vector
ZVal constructors, accessors & methods in support of ZAM
switch ZVal representation of types from Type objects to TypeVal's
revised error-reporting interface for ZVal's, to accommodate ZAM inner loop
...
* origin/topic/christian/gh-1600:
Remove unnecessary -B arguments from Zeek invocations in testsuite
Fix perftools-enabled build
Minor tweaks to single-character command line option handling
* origin/topic/vlad/page_hostnames:
Expand the tests, and have email_admin email src contacts in one e-mail, and dst contacts in another.
Simplify the logic a big by making Notice$email_dest have a default rather than be optional
Missed some baselines
Update hashes in external testing repos
Update notice.log baselines
Remove unneccessary @load
Add tests for e-mail actions, and cleanup the new logic a bit.
Fixup priorities
Add a new field to the notice, which defines where to send the e-mail
Add page and email_admin to hostnames extension
* origin/topic/bbannier/issue-1590:
Change SSH version field to be `&optional`.
Reformat function in SSH base script.
Changes during merge:
* rename weirds to fit into our naming scheme
* add NEWS entry
Closes GH-1590
* 'logging/script-logdir' of https://github.com/kramse/zeek:
Copy of ascii-empty test, just changed path in the beginning
Logdir: Change requested by 0xxon, no problem
Introduce script-land variable that can be used to set logdir.
Closes GH-772
* origin/topic/timw/1114-tcp-analyzer:
Update NEWS [skip ci]
Label session adapters in the output of zeek -NN
Split session adapter code into separate files from the analyzers
Move adapter-specific code back into the adapter
Move ICMP counterpart methods outside of ICMPAnalyzer class
Remove obsolete Skipping()/SetSkip() from Connection
Remove some code from IPBasedAnalyzer and children that was waiting for TCP to be implemented
Move TCPStateStats object out of session_mgr
Move analyzer-to-port mapping out of analyzer::Manager into packet analyzers
Move packet parsing code out of adapter into analyzer
Move old TCP analyzer into analyzer adapter in packet analysis tree
