Tags: FoxIO-LLC/ja4

ja4-wireshark-plugins-2024.11.08.19

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
Merge pull request #181 from MattCarothers/fix_python_string_copy_crash

Fix a crash bug related to copying strings

v0.18.4

ci (release.yml): Allow missing CHANGELOG.md entry (#176)

In rare cases (e.g. #174) we may want to run the "release" CI job
to generate the binaries without making any code changes.

ja4-wireshark-plugins-2024.09.27.55

Merge pull request #171 from vnetman/main

Fix 4.0 plugin build breakage. Update binaries for 4.0, 4.2 and 4.4.

ja4-wireshark-plugins-2024.09.20.17

automated builds for linux, mac and windows wireshark plugins (#170)

v0.18.3

ja4: Fix parsing of `tshark --version` output (#165)

Bump version to 0.18.3.

v0.18.2

Update zkg.meta

v0.18.1

JA4H: Sort cookie-pairs properly (#70)

Don't sort cookie-strings. Instead, split the cookie-pair on the first `'='`
and sort the vector of `(cookie-name, cookie-value)`.

Kudos to @awick for reporting the bug and explaining the correct semantics!

Closes #58
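
The ordering difference described in the commit message above, as an added example (not code from the ja4 repository). The function names and the sample Cookie header are constructed for illustration.

```rust
// Added illustration, not code from the ja4 repository.
// Function names and the sample Cookie header are constructed for this example.

/// Split a Cookie header value into (name, value) pairs on the first '='.
fn cookie_pairs(header: &str) -> Vec<(&str, &str)> {
    header
        .split(';')
        .map(str::trim)
        .filter(|item| !item.is_empty())
        // split_once stops at the first '=', so "a=b=c" keeps "b=c" as the value
        .map(|item| item.split_once('=').unwrap_or((item, "")))
        .collect()
}

/// Ordering the commit message describes: sort the (name, value) tuples.
fn sorted_pairs(header: &str) -> Vec<(&str, &str)> {
    let mut pairs = cookie_pairs(header);
    pairs.sort();
    pairs
}

/// Ordering the commit message replaces: sort the raw "name=value" strings.
fn sorted_strings(header: &str) -> Vec<&str> {
    let mut items: Vec<&str> = header
        .split(';')
        .map(str::trim)
        .filter(|item| !item.is_empty())
        .collect();
    items.sort();
    items
}

fn main() {
    // Constructed sample: '-' (0x2d) sorts before '=' (0x3d), so comparing whole
    // strings puts "id-token=x" ahead of "id=7", while comparing names puts the
    // shorter name "id" first.
    let header = "id=7; id-token=x; a=b=c";
    println!("by string: {:?}", sorted_strings(header));
    println!("by pair:   {:?}", sorted_pairs(header));
}
```

Two clients sending the same cookies would still produce the same order under either rule; the difference only appears when one cookie name is a prefix of another and the next character sorts below `=`.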

v0.18.0

Fix JA4SSH and JA4H (#69)

* [fix] Generate a JA4SSH fingerprint every 200 _SSH_ packets

* Fix calculation of JA4H_c

Related issue: #58

v0.17.0

Rust app fixes (#59)

* ja4x: Provide more context in the error message

Before:

```
❯ ja4x socks4-https.pcap
Error:
   0: Parsing Error: Der(InvalidLength)

Location:
   ja4x/src/main.rs:53

Backtrace omitted. Run with RUST_BACKTRACE=1 environment variable to display it.
Run with RUST_BACKTRACE=full to include source snippets.
```

After:

```
❯ ja4x socks4-https.pcap
Error:
   0: ../pcap/socks4-https.pcap: unsupported file format
   1: Parsing Error: Der(InvalidLength)

Location:
   ja4x/src/main.rs:57

Suggestion: please provide DER- or PEM-encoded certificate

Backtrace omitted. Run with RUST_BACKTRACE=1 environment variable to display it.
Run with RUST_BACKTRACE=full to include source snippets.
```

Related issue: #52

* ja4: Add `tshark --version` output to the logs

* ja4 (JA4L): Fix a debug mode panic

Related issue: #51

* Fix processing of VPN packets

A packet may contain multiple TCP and/or UDP layers. For example,
Generic Routing Encapsulation (GRE) tunneling protocol allows
the encapsulation of packets from one network protocol within
the packets of another protocol.

Look for the *last* IP/TCP/UDP frame in a packet.

Related issue: #51

* [fix] ja4: Skip packets containing `icmpv6` protocol

Related issue: #51

* [fix] Handle SSH traffic encapsulated in GRE

Related issue: #51

* JA4SSH: Fix the mode of TCP payload length algorithm

Handle collisions. Make results deterministic.

Related issue: #51

v0.16.2

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
Rust implementation fixes (#45)

* JA4: Include SNI and ALPN in the "original" outputs

Include SNI (0000) and ALPN (0010) in `ja4_o` and `ja4_ro` output.

Context: #40 (comment)

* JA4H: Ignore case when searching for "Cookie" and "Referer" fields

* JA4: Take `sig_hash_alg` values from `signature_algorithms` extension only

Related issue: #41

* Update Rust dependencies