* origin/topic/vern/CPP-speedup:
use iterator-based idiom for check-if-present-then-access
const-ify member function
switch looping over vectors to use iterators
remove unused local variables
efficiency fix - return a reference rather than a copy of a map
fix for case-sensitive file systems
geez sometimes it's signed sometimes it's not
documentation updates
remove -O add-C++ and -O update-C++ options
extensive rewrite of generation & execution of run-time initialization
factoring out CPPEscape to be a standalone function
removing unused SubNetType class
* origin/topic/timw/1571-move-tunnel-analyzers-2:
Update NEWS and some minor fixes for docs/zeekygen
Remove the old session-based tunnel analyzers
Add GTPv1 packet analyzer, disable old analyzer
Add Teredo packet analyzer, disable old analyzer
Add VXLAN packet analyzer, disable old analyzer
Add Geneve packet analyzer, disable old analyzer
Add AYIYA packet analyzer, disable old analyzer
Add PacketAnalyzer::register_for_port(s) functions
Add analyzer_confirmation and analyzer_violation events
Add utility function for tunnel analyzers to set up encapsulation
Store some additional information in the packet during processing
Minor fix in UDP to avoid duplicating tunnels
Fix error text in IPTunnel analyzer
Change Packet::ip_hdr to be a shared_ptr so it can be copied into EncapsulatingConn
Add method for packet analyzers to register for protocol detection
Add concept of "parent" tag namespaces
Unify plugin::Component and plugin::TaggedComponent into a single class
Remove uses of deprecated Tag types
Unify all of the Tag types into one type
These allow packet analyzers to register ports as identifiers to forward from
parent analyzers, while also adding those ports to the now-global
Analyzer::ports table at the same time.
This allows us to create an EnumType that groups all of the analyzer
tag values into a single type, while still having the existing types
that split them up. We can then use this for certain events that benefit
from taking all of the tag types at once.
These two are almost always used in conjunction with each other, and
TaggedComponent is never used by itself. Combining them together into
a single class will help simplify some of the code around managing
the mapping between Tags and Components.
- Remove tag types for each component type (analyzer, etc)
- Add deprecated versions of the old types
- Remove unnecessary tag element from templates for TaggedComponent and ComponentManager
- Enable TaggedComponent to pass an EnumType when initializing Tag objects
- Update some tests that are affected by the tag enum values changing order
* origin/topic/johanna/openssl-3-compat:
Update cmake submodule for OpenSSL 3.0 changes
OpenSSL 3: normalize self-signed-cert error message
Make cmake & ci like OpenSSL 3.0
Add OpenSSL 3.0 CI test
OpenSSL 3: fix warnings and tests
Switch OpaqueVal hashing back to legacy OpenSSL implementation
Fixes GH-1379
Older cmake versions have problems with the version number. When
installing OpenSSL on a 64-bit Linux one also needs to create an
additional symlink to get cmake to use the correct library.
This commit fixes the compile-time warnings that OpenSSL 3.0 raises for
our source code. For the cases where this was necessary, we now have two
implementations - one for OpenSSL 1.1 and earlier, and one for OpenSSL
3.0.
This also makes our test suite pass with OpenSSL 3.0.
Relates to GH-1379
If we leave files sitting around, we trigger a Docker image double-build in CI,
because the build runs once, gets tested, and then gets run again when we push
the Docker image: the additional btest files cause Docker to detect a different
source tree, causing an image layer violation.
Also rename "cleanup" target to "clean", to align with rest of our tree.
This commit switches hashing from the more modern EVP message digest to
the older direct function calls, which are deprecated as of OpenSSL 3.0.
The reason is that we require the ability to store the internal state of
hash operations to disk. This is no longer possible with the
architecture that is used by the EVP digests; it is, however, possible
when using the legacy methods.
There might be a way to do this more cleanly in OpenSSL 3.1 - but for
the moment this seems like the easiest solution - even though I am not
really happy about it.
For details see zeek/zeek#1379 and openssl/openssl#14222