SHA1 signatures are only allowed in the legacy policy. I have no idea
where this is documented - I found it in a patch for the OpenSSL source
package.
Also adding tar as a specific dependency, since we have a test that
requires it, and at least for me it was not present in a minimal
installation.
Fixes#2115
We previously only generated these files if configuring a build which
included Spicy. This meant that e.g., `zeek-path-dev.*` scripts would
emit errors for non-existing paths if Spicy was not included.
We now always generate the helper scripts so we can reference them
regardless of build configuration. If Spicy is not included the files
will still be sourced, but have no actual effect.
* origin/topic/bbannier/spicy:
Add NEWS item for new requirements due to default-enabled Spicy support.
Include headers in binary dir before other headers.
Increase memory in CI.
Add tests for bundled Spicy infrastructure.
Include spicy in build.
Add `bare_mode` bif.
Change test so included plugins can load notice framework.
Do not log function arguments in test.
This commit partially reverts the changes that we made in
6217851d6d. It turns out that reverting to
the legacy OpenSSL API means that Zeek can no longer be run in FIPS mode
for old (but still used) versions of OpenSSL.
This commit thus uses a bunch of #ifdefs to support both implementations
simultaneously.
* origin/topic/timw/1857-input-log-messages:
Move some repetitive code into a separate method
Store location during Ascii input parsing for use in error messages
Include file information in input reader error messages
* origin/topic/vern/CPP-feature-complete:
NEWS items for script profiling, "footprint" BiFs, and Trigger method deprecations
tweaks per reviewing feedback
make deprecation advice a bit more helpful
format shell scripts per style guide
add deprecation for Trigger Cache/Lookup interfaces
helper scripts for -O C++ maintenance
"-O use-C++" now fails if no C++ bodies wound up being applicable
update environemnt variable names to match command-line arguments
final changes for -O C++ feature completeness, mainly "when" statement support
Change "when" statements that don't require closures to use new implementation. Provide hooks for script optimization access to "when" statements. Regularize treatment of naming and timeouts for Triggers.
switch cached Trigger values to be opaque-and-generic, rather than assuming CallExpr's
tracking of when statements/expressions occur in a "when" context
fix bug that sometimes associated the wrong location with global statements
fix incomplete AST traversal of "when" statements
add some missing "when" closures
regularize test suite names to avoid custom/outdated suffices
* origin/topic/timw/1797-string-allocations:
Store hash analyzer kind StringVals for later reuse
Add Component::GetCanonicalNameVal to avoid extra StringVal allocations
Avoid type unnecessary type conversion in ComponentManager::GetComponentName
Only set connection history if strings differ
If e.g., optional dependencies are installed in the same prefix as a
previous Zeek installation, the build would have previously found
`zeek-config.h` from the external prefix instead of from the current
build.
With this patch we now include the current binary dir before any
previously configured include directories (here in particular: optional
dependencies). With that the correct `zeek-config.h` is found.
Spicy requires substantial amounts of RAM to compile. In this patch we
bump the amount of RAM available in CI so a build including Spicy can be
performed.
This was excercising hooks to validate that they were called. For that
it uses pretty verbose logging. Since version numbers are not stable and
hard to canonify this script already unloads the version module (there
is e.g., code in `base/misc/version` which splits the version strings
and works on single components which might appear like pretty ordinary
floating point numbers in the log).
This test however worked under the assumption that nothing in bare mode
loads `base/misc/version` which is hard to guarantee, especially
considering that plugins can be embedded and might load that module
themself.
With this patch we now make the logging slightly less verbose so that
function call arguments are not logged anymore.
