Commit graph

186 commits

Author SHA1 Message Date
Tim Wojtulewicz
5ca0bb79c8 Fixes from review, post-rebase 2022-05-26 18:39:01 -07:00
Vern Paxson
d9479c0502 --no-usage-warnings flag to suppress analysis 2022-05-26 17:39:15 -07:00
Benjamin Bannier
e83c4c834d Add bare_mode bif. 2022-05-16 09:07:11 +02:00
Dominik Charousset
327f5e76f9 Fix formatting 2022-05-12 07:17:41 +02:00
Dominik Charousset
6b1e796df7 Fix UB during early shutdown on OpenSSL state 2022-05-12 07:15:37 +02:00
Vern Paxson
2bb4e696e1 fix for script coverage missing on-exit activity 2022-05-03 10:44:30 -07:00
Vern Paxson
fbe33d4ee9 memory management fixes for loggers 2022-05-03 10:42:25 -07:00
Dominik Charousset
6182acd198 Fix build on CentOS 7 2022-04-28 19:37:11 +02:00
Dominik Charousset
8786f5ab1d Initialize OpenSSL on startup 2022-04-28 08:35:36 +02:00
Johanna Amann
521539d4f9 Disable OpenSSL initialization starting with 1.1.0
Starting with OpenSSL 1.1.0, library initialization is no longer
required - and might even be harmful.

See https://wiki.openssl.org/index.php/Library_Initialization for
details.
2022-04-25 10:18:27 +01:00
Tim Wojtulewicz
9f197aa458 Rework DNS_Mgr API to be more consistent and to support more request types 2022-04-22 13:10:37 -07:00
Tim Wojtulewicz
336c6ae5c2 Replace nb_dns library with C-Ares 2022-04-22 13:10:37 -07:00
Christian Kreibich
9a11df808b Mask our signal handlers' triggering signals around thread creation
This avoids tsan complaints around race conditions in signal handlers running
from threads other than the main one.
2022-04-08 18:05:49 -07:00
Vern Paxson
ecd273c3ca --event-trace / -E option to generate event trace 2022-03-23 10:03:13 -07:00
Vern Paxson
39cbd7a9dc hooks to support event tracing 2022-03-23 10:03:13 -07:00
Vern Paxson
475063804e low-level naming tweaks / comments / const-ified accessor 2022-03-23 10:03:13 -07:00
Robin Sommer
5f1f005142
Merge remote-tracking branch 'origin/topic/neverlord/hide-caf'
* origin/topic/neverlord/hide-caf:
  Fix GCC builds and string output for Broker errors
  Update to latest Broker without public CAF dep
2022-02-07 16:25:22 +01:00
Vern Paxson
16e9af137f fixes for ZAM profiling, which didn't get fully integrated originally 2022-02-03 08:59:39 -08:00
Vern Paxson
d758585e42 updated Bro->Zeek in comments in the source tree 2022-01-24 14:26:20 -08:00
Dominik Charousset
56f30b500a Update to latest Broker without public CAF dep 2021-12-20 08:16:21 +01:00
Christian Kreibich
ea20b8e55e Merge branch 'topic/christian/doctest-in-packages'
* topic/christian/doctest-in-packages:
  Update cmake and auxil/zeek-aux submodules
  Remove the --enable-cpp-tests configure flag in Cirrus CI
  Add testcases for plugin with doctest usage
  Flip unit tests to being enabled by default
  Support for unit tests in plugins
  Alphabetically sort configure's enable/disable/with options
2021-12-06 17:08:27 -08:00
Christian Kreibich
f20f8ad4a8 Support for unit tests in plugins
This pushes the unit test kickoff down in the Zeek startup sequence, to give
plugins a chance to register. It also enforces deterministic mode for unit
testing, since without it some unit tests start to have nondeterministic results
at that stage.
2021-12-06 12:17:22 -08:00
Tim Wojtulewicz
acb5e5dd26 Remove separate Tag types, note breaking change in NEWS 2021-12-06 11:25:13 -07:00
Tim Wojtulewicz
92b84a00f9 Add command-line option to write unprocessed packets to a file
This commit also changes the PcapDumper to automatically flush after
every call to Dump(). This is because pcap_dump has an internal buffer
of some sort that only writes to the file after a set amount of bytes.
When using the new option on a low-traffic network, it might be a while
before you see any packets written since it has to overcome that buffer
limit first.
2021-11-12 09:30:26 -07:00
Robin Sommer
1bb21bfcb4 Merge remote-tracking branch 'origin/topic/robin/gh-1757-loadfile2'
* origin/topic/robin/gh-1757-loadfile2:
  Tweaking a couple of debug messages.
  Add new hook `HookLoadFileExtended` that allows plugins to supply Zeek script code to parse.
  Move logic to execute `HookLoadFile` for signatures into rule matcher code.
2021-11-10 11:28:53 +01:00
Benjamin Bannier
72cbc7cd13 Move 3rdparty source files to 3rdparty/
This patch moves in-tree 3rdparty source files to `3rdparty/`. With that
we can remove special treatment of these files for `run-clang-format`.
2021-11-09 07:20:18 +01:00
Robin Sommer
34eaf42b92 Add new hook HookLoadFileExtended that allows plugins to supply Zeek script code to parse.
The new hook works similarly to the existing `HookLoadFile` but,
additionally, allows the plugin to return a string that contains the
code to be used for the file being loaded. If the plugin does so, the
content of any actual file on disk will be ignored (in fact, there
doesn't even need to be a file on disk in that case). This works for
both Zeek scripts and signatures.

There's a new test that covers the new functionality, testing loading
both scripts and signatures from memory. I also manually tested that the
debugger integration works, but I don't see much of a way to add a
regression test for that part.

We keep the existing hook as well for backwards compatibility. We could
decide to deprecate it, but not sure that buys us much, so left that
out.

Closes #1757.
2021-11-05 13:01:19 +01:00
Robin Sommer
1efaf8d7a4 Move logic to execute HookLoadFile for signatures into rule matcher code.
This (1) fixes an issue where signature files supplied on the command
line wouldn't pass through the hooks, and (2) prepares for allowing
hooks to supply the content of a signature file directly.
2021-11-05 12:58:38 +01:00
Tim Wojtulewicz
9af6b2f48d clang-format: Set penalty for breaking after assignment operator 2021-09-27 10:49:48 -07:00
Tim Wojtulewicz
9cb54f5d44 clang-format: Force zeek-config.h to be earlier in the config ordering 2021-09-25 11:52:55 -07:00
Tim Wojtulewicz
b2f171ec69 Reformat the world 2021-09-16 15:35:39 -07:00
Vern Paxson
16bd121ea0 for parse-only, only do script analysis if looking for usage issues 2021-09-08 10:23:38 -07:00
Tim Wojtulewicz
cea9194650 Fix a use-after-free during shutdown 2021-07-26 14:26:22 -07:00
Robin Sommer
a7343ee019 Fix registration of protocol analyzers from inside plugins.
With the recent packet manager work, it broke to register a protocol
analyzer for a specific port from inside a plugin's initialization code.
That's because that registration now depends on the packet manager being
set up, which isn't the case at the time a plugin's `InitPostInit()` runs.
This fix contains two parts:

    - Initialize the packet manager before the analyzer manager, so that
      the latter's `InitPostScript()` can rely on the former being
      ready.

    - Change the analyzer manager to (only) record port registrations
      happening before it's fully initialized. Its `InitPostScript()`
      then performs the actual registrations, knowing it can use the
      packet manager now.

This comes with a `cmake/` to add a missing include directory.
2021-07-18 10:00:49 +02:00
Christian Kreibich
a3623bfb2d Establish a separate init script when using the supervisor
The supervisor does not require the full weight of scripts that
init-default.zeek brings with it. The new file, init-supervisor.zeek, contains
only what's required by the supervisor in addition to the other always-loaded
init files.
2021-07-08 13:12:53 -07:00
Tim Wojtulewicz
0b342b7bfa Merge remote-tracking branch 'origin/topic/vern/CPP-workflow2'
* origin/topic/vern/CPP-workflow2:
  low-level coding style fixes
  support for standalone compiled scripts to export globals with module qualifiers
  updates for documentation of functionality for compiling scripts to C++
  fixes for standalone C++ scripts making types & variables/functions available
  fixed bug limiting availability of load_CPP() BiF
  updates to development helper scripts to support new workflow
  simpler workflow for -O gen-C++ ; also some hooks for -O gen-standalone-C++
  ReplaceBody now deletes a body if the replacement is nil
  removal of can't-actually-be-executed code
2021-07-01 08:46:53 -07:00
Tim Wojtulewicz
3c0bb8f1dd Merge remote-tracking branch 'origin/topic/seth/small-builtin-plugin-fixes'
* origin/topic/seth/small-builtin-plugin-fixes:
  Fix tests
  Removed a non-functional builtin plugin preload loading mechanism
  Load the builtin-plugin preload files and fix the dev path.
2021-06-30 14:11:10 -07:00
Christian Kreibich
712a28a813 Remove remaining vestigial IDMEF support code 2021-06-28 15:18:16 -07:00
Seth Hall
0470b06537 Load the builtin-plugin preload files and fix the dev path. 2021-06-23 10:12:57 +00:00
Seth Hall
8222193525 Fixes for the builtin plugin functionality 2021-06-11 18:52:03 +00:00
Seth Hall
e399b537ca Added --include-plugins configure argument 2021-06-10 10:39:13 -07:00
Vern Paxson
725aa558a7 fixes for standalone C++ scripts making types & variables/functions available 2021-06-04 17:14:46 -07:00
Tim Wojtulewicz
f6e31107e1 Move old TCP analyzer into analyzer adapter in packet analysis tree 2021-06-02 13:20:10 -07:00
Jon Siwek
cd8f19328a Merge remote-tracking branch 'origin/topic/neverlord/gh-1408'
- Minor adjustments to header includes, whitespace, and a
  compiler warning fix during merge

* origin/topic/neverlord/gh-1408:
  Add new Timer class to the telemetry API
  Fix build with latest VectorVal API
  Update baselines
  Prefix telemetry BIFs with __
  Expose telemetry API to scripting land
  Add handle types for histogram metrics
  Move duplicated code to detail header
  Adhere to Zeek coding style
  Apply suggestions from code review
  Add telemetry Manager to Zeek setup / teardown
  Add missing whitespaces for Zeek coding style
  Add gauge metric types
  Add scaffold for new metrics API with counters
2021-04-05 14:21:44 -07:00
Dominik Charousset
2bac354e43 Expose telemetry API to scripting land 2021-03-29 10:47:32 +02:00
Dominik Charousset
443f7f0a18 Add telemetry Manager to Zeek setup / teardown 2021-03-29 10:47:32 +02:00
Vern Paxson
95b89be571 put global statements into a quasi-function to support script optimization 2021-03-24 21:22:03 -07:00
Vern Paxson
7294bb34be fixes for propagating optimization options, and pruning script function analysis 2021-03-18 08:40:48 -07:00
Jon Siwek
ac0b09d1a4 Allow --parse-only to work with --usage-issues flag
Use of --parse-only would previously exit before --usage-issues had a
chance to analyze scripts and report any discovered issues and it can be
useful to combine both flags for checking scripts for mistakes without
actually executing any code.

This also improves the behavior of --parse-only in combination with
reporting problems in signature files (previously, it exited before
even reading them).
2021-02-05 14:46:47 -08:00
Jon Siwek
cfe29c2488 Merge branch 'master' into topic/vern/reaching-defs 2021-02-01 17:27:37 -08:00