DNS_Mgr has a GetNextTimeout() implementation that may return 0.0. When
that is the case, its IO source is enqueued as ready with an fd of -1.
This in turn results in Process() being called instead of ProcessFd()
in RunState.cc.
Ensure timeouts behavior is properly handled by actually forwarding
timeout indications to c-ares via DNS_Mgr::Process(). This results
in pending DNS queries for which a timeout happened to actually
timeout (when there's no other connectivity).
* origin/topic/jazoff/gh-3268:
Fix check for emailed notices
Changes: Added a test-case printing email_delay_tokens to compare email vs
non-email notice types. Previously, both notice types would have email
delay tokens at that point in the flow.
The diffs produced by telemetry.log when introducing a weird or
removing/adding protocol specific logs is overwhelming and distracting
without providing value. Exclude telemetry.log similar to how we already
exclude stats.log.
Some more targeted telemetry.log tests exists in the normal testing/btest
suite and that appears more sensible.
...except for clang-format, because versions after v13.0.0 have
borked the Whitesmith formatting. Also moves yapf from
pre-commit/mirrors-yapf to google/yapf.
* origin/topic/awelzel/ditch-file-krb-include:
cmake: Bump submodule for removal of NEED_KRB5_H
zeek-config.h: Drop NEED_KRB5_H
File: Drop krb5.h include
When http_reply events are received before http_request events, either
through faking traffic or possible re-ordering, it is possible to trigger
unbounded state growth due to later http_requests never being matched
again with responses.
Prevent this by synchronizing request/response counters when late
requests come in.
Also forcefully flush pending requests when http_replies are never
observed either due to the analyzer having been disabled or because
half-duplex traffic.
Fixes#1705
* topic/awelzel/3235-dont-flip-broadcasts:
testing: Bump external test suite
dhcp: Handle is_orig=T for connections from server to 255.255.255.255
IPBasedAnalyzer: Don't flip connections when destination is broadcast
This works around the new semantics of is_orig=T for "connections"
from DHCP servers to broadcast addresses. IMO, having the server address
as originator in the conn.log is still more intuitive.
It looks as if krb5.h was only ever needed together with OpenSSL, then
OpenSSL includes were removed, but the krb5.h ones stayed around.
References:
610d081c4bd7c10ca7c3
* origin/topic/vern/script-opt-maint.Aug23:
updated notes regarding "-O gen-C++" maintenance
"-O gen-C++" support for "assert" statements
addressed some nits re "-O gen-C++" script optimization
fixes for compiling lambdas to C++
fixes to avoid ambiguities in analyzing captures for script optimization
disambiguate lambdas by adding scoping and consideration of captures
addressed performance and correctness issues flagged by Coverity
