The mmdb references needs to use reset() instead of release()
so that the destructor gets called and the stale DB is actually
cleaned up. Otherwise, the pointer is leaked and the stale DB
remains in memory.
Corpus was generated from a few btest pcaps, fuzzing for 60 seconds
locally and minimizing afterwards as in the documentation.
List of pcaps:
certificate-request-failed.pcap
certificate-with-sct.pcap
cert-no-cn.pcap
chrome-34-google.trace
chrome-63.0.3211.0-canary-tls_experiment.pcap
heartbleed-encrypted.pcap
heartbleed-encrypted-short.pcap
heartbleed-encrypted-success.pcap
heartbleed.pcap
heartbleed-success.pcap
ssl-v2.trace
ssl.v3.trace
tls1_1.pcap
tls-1.2-handshake-failure.trace
tls1.2-protocol-violation.pcap
tls1.2.trace
tls13_wolfssl.pcap
tls-early-alert.trace
For records and enums, the type registration calls could get pretty
large, and then slow to compile. We now build up their vectors
entry by entry instead of all at once.
The first pcap only contained packets from the originator, not the responder.
What stands out here is that the Linux kernel doesn't seem to use a symmetric
flow hash for the tunneled connection, resulting in a total of four tunnel
connections for the two inner connections. Sigh.
It is not necessary to allocate and free the context objects used for
HKDF and AES all the time, they can be re-used. The main assumption here
is no cross-thread usage, but this should be guaranteed even with the
fibers: QUIC_decrypt_crypto_payload() always runs to completion.
A pcap with ~12k QUIC connections had ~15% samples in
QUIC_decrypt_crypto_payload. After this change it is down to 5%
of samples. The improvement in runtime is ~16%, 12.2 seconds
to 10.2 seconds.
From zeek/spicy-quic#14
We compared the return value of `sizeof` which returns a `std::size_t`
with an `int` which GCC warned about. This patch changes the `int` to a
`size_t`.
Allocation of bytes objects due to parsing and usage of pack and the
invocation of to_uint() showed significantly in profiles (3.3% sample
matches). Switch to a more procedural approach to avoid the allocation
overhead.
From zeek/spicy-quic/pull/13
* origin/topic/awelzel/2326-import-quic:
ci/btest: Remove spicy-quic helper, disable Spicy on CentOS 7
btest/core/ppp: Run test in bare mode
btest/quic: Update other tests
testing/quic: Fixups and simplification after Zeek integration
quic: Integrate as default analyzer
quic: Include Copyright lines to the analyzer's source code contributed by Fox-IT
quic: Squashed follow-ups: quic.log, tests, various fixes, performance
quic: Initial implementation
