Handle and log unhandled_version

scripts/main.zeek

@@ -157,6 +157,19 @@ event QUIC::retry_packet(c: connection, is_orig: bool, version: count, dcid: str
 	delete c$quic;
 	}
 
+# If we couldn't handle a version, log it as a single record.
+event QUIC::unhandled_version(c: connection, is_orig: bool, version: count, dcid: string, scid: string)
+	{
+	if ( ! c?$quic )
+		set_conn(c, is_orig, version, dcid, scid);
+
+	add_to_history(c, is_orig, "UNHANDLED_VERSION");
+
+	log_record(c$quic);
+
+	delete c$quic;
+	}
+
 # Upon a connection_close_frame(), if any c$quic state is pending to be logged, do so
 # now and prepare for a new entry.
 event QUIC::connection_close_frame(c: connection, is_orig: bool, version: count, dcid: string, scid: string, error_code: count, reason_phrase: string)

testing/Baseline/tests.vector-max-size-crash/quic.log

@@ -0,0 +1,11 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	quic
+#open XXXX-XX-XX-XX-XX-XX
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	version	client_initial_dcid	server_scid	server_name	client_protocol	history
+#types	time	string	addr	port	addr	port	string	string	string	string	string	string
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	1.2.3.4	45492	7.7.7.7	443	unknown-10010000	00	-	-	-	U
+#close XXXX-XX-XX-XX-XX-XX

testing/tests/vector-max-size-crash.zeek

@@ -4,6 +4,7 @@
 # @TEST-EXEC: zeek-cut -m ts uid cause analyzer_kind analyzer_name failure_reason < analyzer.log > analyzer.log.cut
 # @TEST-EXEC: btest-diff conn.log.cut
 # @TEST-EXEC: btest-diff out
+# @TEST-EXEC: btest-diff quic.log
 
 # @TEST-EXEC: TEST_DIFF_CANONIFIER='sed -r "s/\((.+)\.spicy:[0-9]+:[0-9]+\)/(\1.spicy:<line>:<column>)/g" | $SCRIPTS/diff-remove-abspath' btest-diff analyzer.log.cut