* origin/topic/vern/script-inlining:
cleaner approach for localizing errors associated with duplicated ASTs: virtualize GetLocationInfo
Add commentary to Frame::GetElement(int) about lack of offset adjustment
Remove unused local in Inliner::Analyzer()
Tweak FuncInfo memory management
Switch InlineExpr from using IDPList* to vector<IDPtr>
Insert contents of #included script-opt files directly
Simplify some IntrusivePtr operations in Expr::Duplicate/Inline
Remove Func::AsScriptFunc() methods
Remove superflous std::move's from Inliner return values
Remove SetupResult::parse_only field
Rename Frame::IncreaseOffset() to Frame::AdjustOffset()
Update alternative plugins.hooks baselines
Superficial changes to script-opt related code
merge glitch
updates from test suite
inlining of Zeek script functions
inlining of Zeek script functions
A logger process being terminated/killed while in the process of creating
a new .shadow file may leave an empty (invalid) one around. This in turn
causes the logger to error and exit during startup.
$ $ ls -lha .shadow.*
-rw-r--r-- 1 root root 0 Dec 16 18:48 .shadow.dns.log
-rw-r--r-- 1 root root 0 Dec 16 18:48 .shadow.packet_filter.log
$ zeek LogAscii::enable_leftover_log_rotation=T Log::default_rotation_interval=30sec -i wlp0s20f3
error in <params>, line 1: failed to process leftover log 'dns.log': Found leftover log, 'dns.log', but the associated shadow file, '.shadow.dns.log', required to process it is invalid
error in <params>, line 1: failed to process leftover log 'packet_filter.log': Found leftover log, 'packet_filter.log', but the associated shadow file, '.shadow.packet_filter.log', required to process it is invalid
$ ...
Prevent creating invalid .shadow files by atomically creating them.
This event is raised for messages that (probably) are TLS 1.3 handshake
messages, including finished. This allows scripts to examine handshake
messages without having to handle all encrypted messages.
In TLS 1.3, the ChangeCipherSpec message is meaningless; it only is
included to convince middleboxes that the devices actually are speaking
TLS 1.2. Nowadays some TLS 1.3 implementations also just don't send the
packet.
In a push to unify our handling of TLS 1.3 connections - ignore CCS and
always go with application data packet counting to determine if
connections are or are not encrypted.
* origin/topic/jsiwek/gh-1329-fuzzer-driver-cleanup:
Rename a 'do_net_run' variable to 'do_run_loop'
GH-1329: call Zeek's cleanup function from standalone fuzzer driver
