Reimplement serialization infrastructure for OpaqueVals.

We need this to sender through Broker, and we also leverage it for
cloning opaques. The serialization methods now produce Broker data
instances directly, and no longer go through the binary formatter.

Summary of the new API for types derived from OpaqueVal:

    - Add DECLARE_OPAQUE_VALUE(<class>) to the class declaration
    - Add IMPLEMENT_OPAQUE_VALUE(<class>) to the class' implementation file
    - Implement these two methods (which are declated by the 1st macro):
        - broker::data DoSerialize() const
        - bool DoUnserialize(const broker::data& data)

This machinery should work correctly from dynamic plugins as well.

OpaqueVal provides a default implementation of DoClone() as well that
goes through serialization. Derived classes can provide a more
efficient version if they want.

The declaration of the "OpaqueVal" class has moved into the header
file "OpaqueVal.h", along with the new serialization infrastructure.
This is breaking existing code that relies on the location, but
because the API is changing anyways that seems fine.

This adds an internal BiF
"Broker::__opaque_clone_through_serialization" that does what the name
says: deep-copying an opaque by serializing, then-deserializing. That
can be used to tests the new functionality from btests.

Not quite done yet. TODO:
    - Not all tests pass yet:
        [  0%] language.named-set-ctors ... failed
        [ 16%] language.copy-all-opaques ... failed
        [ 33%] language.set-type-checking ... failed
        [ 50%] language.table-init-container-ctors ... failed
        [ 66%] coverage.sphinx-zeekygen-docs ... failed
        [ 83%] scripts.base.frameworks.sumstats.basic-cluster ... failed

      (Some of the serialization may still be buggy.)

    - Clean up the code a bit more.

src/file_analysis/analyzer/x509/OCSP.cc

@@ -711,3 +711,31 @@ OCSP_RESPONSE* OCSP_RESPVal::GetResp() const
 	return ocsp_resp;
 	}
 
+IMPLEMENT_OPAQUE_VALUE(OCSP_RESPVal)
+
+broker::data OCSP_RESPVal::DoSerialize() const
+	{
+        unsigned char *buf = NULL;
+        int length = i2d_OCSP_RESPONSE(ocsp_resp, &buf);
+        if ( length < 0 )
+                return broker::none();
+
+	auto d = std::string(reinterpret_cast<const char*>(buf), length);
+        OPENSSL_free(buf);
+
+	return d;
+	}
+
+bool OCSP_RESPVal::DoUnserialize(const broker::data& data)
+	{
+	if ( caf::get_if<broker::none>(&data) )
+		return false;
+
+	auto s = caf::get_if<std::string>(&data);
+	if ( ! s )
+		return false;
+
+	auto opensslbuf = reinterpret_cast<const unsigned char*>(s->data());
+        ocsp_resp = d2i_OCSP_RESPONSE(NULL, &opensslbuf, s->size());
+	return (ocsp_resp != nullptr);
+	}

src/file_analysis/analyzer/x509/OCSP.h

@@ -5,7 +5,7 @@
 
 #include <string>
 
-#include "Val.h"
+#include "OpaqueVal.h"
 #include "../File.h"
 #include "Analyzer.h"
 #include "X509Common.h"
@@ -44,6 +44,8 @@ public:
 	OCSP_RESPONSE *GetResp() const;
 protected:
 	OCSP_RESPVal();
+
+	DECLARE_OPAQUE_VALUE(OCSP_RESPVal)
 private:
 	OCSP_RESPONSE *ocsp_resp;
 };

src/file_analysis/analyzer/x509/X509.cc

@@ -489,3 +489,32 @@ Val* X509Val::DoClone(CloneState* state)
 	return certificate;
 	}
 
+IMPLEMENT_OPAQUE_VALUE(X509Val)
+
+broker::data X509Val::DoSerialize() const
+	{
+        unsigned char *buf = NULL;
+        int length = i2d_X509(certificate, &buf);
+
+        if ( length < 0 )
+                return broker::none();
+
+	auto d = std::string(reinterpret_cast<const char*>(buf), length);
+        OPENSSL_free(buf);
+
+	return d;
+	}
+
+bool X509Val::DoUnserialize(const broker::data& data)
+	{
+	if ( caf::get_if<broker::none>(&data) )
+		return false;
+
+	auto s = caf::get_if<std::string>(&data);
+	if ( ! s )
+		return false;
+
+	auto opensslbuf = reinterpret_cast<const unsigned char*>(s->data());
+        certificate = d2i_X509(NULL, &opensslbuf, s->size());
+	return (certificate != nullptr);
+	}

src/file_analysis/analyzer/x509/X509.h

@@ -5,7 +5,7 @@
 
 #include <string>
 
-#include "Val.h"
+#include "OpaqueVal.h"
 #include "X509Common.h"
 
 #if ( OPENSSL_VERSION_NUMBER < 0x10002000L ) || defined(LIBRESSL_VERSION_NUMBER)
@@ -151,6 +151,7 @@ protected:
 	 */
 	X509Val();
 
+	DECLARE_OPAQUE_VALUE(X509Val)
 private:
 	::X509* certificate; // the wrapped certificate
 };