This option indicates that the Teredo analyzer should wait until
it sees both sides of a connection using a valid Teredo encapsulation
before issuing a protocol_confirmation. Previous behavior confirmed
on the first instance of a valid encapsulation, which could result
in more false positives (and e.g. bogus entries in known-services.log).
Addresses #890.
Teredo bubble packets (IPv6 w/ No Next Header and zero Payload Length)
with data extending past the inner IPv6 header (the outer IPv4 header's
Total Length and UDP header's Length indicate this) now only raises
a "Teredo_payload_len_mismatch" weird instead of causing a
ProtocolViolation().
This also fixes a crash in NetSessions::ParseIPPacket() that occurred
when the packet length didn't match the payload length field.
The Tunnel::yielding_teredo_decapsulation (on by default) makes it so
the Teredo analyzer doesn't attempt to decapsulate payloads when
there's already a sibling analyzer that thinks it's parsing the right
protocol. Sometimes, UDP payloads just happen to look like they are
validly Teredo-encapsulated and doing further analysis on the
decapsulated packet can quickly turn into a weird; this change helps
reduce such weirds.
