diff --git a/src/Reporter.cc b/src/Reporter.cc index 94ba5302f3..978a0a8a39 100644 --- a/src/Reporter.cc +++ b/src/Reporter.cc @@ -15,6 +15,7 @@ #include "Net.h" #include "Conn.h" #include "Timer.h" +#include "Var.h" // for internal_val() #include "EventHandler.h" #include "plugin/Plugin.h" #include "plugin/Manager.h" diff --git a/src/analyzer/protocol/ayiya/ayiya-analyzer.pac b/src/analyzer/protocol/ayiya/ayiya-analyzer.pac index 67a74f4444..935e05d749 100644 --- a/src/analyzer/protocol/ayiya/ayiya-analyzer.pac +++ b/src/analyzer/protocol/ayiya/ayiya-analyzer.pac @@ -1,5 +1,6 @@ %extern{ #include "Sessions.h" +#include "Conn.h" %} connection AYIYA_Conn(bro_analyzer: BroAnalyzer) diff --git a/src/file_analysis/Analyzer.cc b/src/file_analysis/Analyzer.cc index c04c02f818..963c4a693d 100644 --- a/src/file_analysis/Analyzer.cc +++ b/src/file_analysis/Analyzer.cc @@ -2,6 +2,7 @@ #include "Analyzer.h" #include "Manager.h" +#include "Val.h" file_analysis::ID file_analysis::Analyzer::id_counter = 0; @@ -17,3 +18,13 @@ void file_analysis::Analyzer::SetAnalyzerTag(const file_analysis::Tag& arg_tag) assert(! tag || tag == arg_tag); tag = arg_tag; } + +file_analysis::Analyzer::Analyzer(file_analysis::Tag arg_tag, RecordVal* arg_args, File* arg_file) + : tag(arg_tag), + args(arg_args->Ref()->AsRecordVal()), + file(arg_file), + got_stream_delivery(false), + skip(false) + { + id = ++id_counter; + } diff --git a/src/file_analysis/Analyzer.h b/src/file_analysis/Analyzer.h index 70fd3e149b..029a4df082 100644 --- a/src/file_analysis/Analyzer.h +++ b/src/file_analysis/Analyzer.h @@ -2,11 +2,11 @@ #pragma once -#include "Val.h" -#include "NetVar.h" #include "Tag.h" -#include "file_analysis/file_analysis.bif.h" +#include // for u_char + +class RecordVal; namespace file_analysis { @@ -146,15 +146,7 @@ protected: * tunable options, if any, related to a particular analyzer type. * @param arg_file the file to which the the analyzer is being attached. */ - Analyzer(file_analysis::Tag arg_tag, RecordVal* arg_args, File* arg_file) - : tag(arg_tag), - args(arg_args->Ref()->AsRecordVal()), - file(arg_file), - got_stream_delivery(false), - skip(false) - { - id = ++id_counter; - } + Analyzer(file_analysis::Tag arg_tag, RecordVal* arg_args, File* arg_file); /** * Constructor. Only derived classes are meant to be instantiated. diff --git a/src/file_analysis/AnalyzerSet.cc b/src/file_analysis/AnalyzerSet.cc index 4bc49e802d..d3cbe300f1 100644 --- a/src/file_analysis/AnalyzerSet.cc +++ b/src/file_analysis/AnalyzerSet.cc @@ -4,6 +4,9 @@ #include "File.h" #include "Analyzer.h" #include "Manager.h" +#include "CompHash.h" +#include "Val.h" +#include "file_analysis/file_analysis.bif.h" using namespace file_analysis; @@ -106,6 +109,12 @@ bool AnalyzerSet::AddMod::Perform(AnalyzerSet* set) return true; } +void AnalyzerSet::AddMod::Abort() + { + delete a; + delete key; + } + bool AnalyzerSet::Remove(const file_analysis::Tag& tag, RecordVal* args) { return Remove(tag, GetKey(tag, args)); diff --git a/src/file_analysis/AnalyzerSet.h b/src/file_analysis/AnalyzerSet.h index 3f8848d22e..a1960a2e1a 100644 --- a/src/file_analysis/AnalyzerSet.h +++ b/src/file_analysis/AnalyzerSet.h @@ -4,14 +4,17 @@ #include -#include "Analyzer.h" #include "Dict.h" -#include "CompHash.h" -#include "Val.h" #include "Tag.h" +using std::queue; + +class CompositeHash; +class RecordVal; + namespace file_analysis { +class Analyzer; class File; /** @@ -173,7 +176,7 @@ private: : Modification(), a(arg_a), key(arg_key) {} ~AddMod() override {} bool Perform(AnalyzerSet* set) override; - void Abort() override { delete a; delete key; } + void Abort() override; protected: file_analysis::Analyzer* a; diff --git a/src/file_analysis/File.h b/src/file_analysis/File.h index 058de9f153..1580d0f298 100644 --- a/src/file_analysis/File.h +++ b/src/file_analysis/File.h @@ -2,17 +2,22 @@ #pragma once +#include #include #include +#include "analyzer/Tag.h" #include "AnalyzerSet.h" #include "BroString.h" +#include "BroList.h" // for val_list #include "WeirdState.h" using std::string; class Connection; +class RecordType; class RecordVal; +class EventHandlerPtr; namespace file_analysis { diff --git a/src/file_analysis/Manager.cc b/src/file_analysis/Manager.cc index bc55c734e5..36fa76e9f8 100644 --- a/src/file_analysis/Manager.cc +++ b/src/file_analysis/Manager.cc @@ -10,6 +10,7 @@ #include "plugin/Manager.h" #include "analyzer/Manager.h" +#include "file_analysis/file_analysis.bif.h" #include diff --git a/src/file_analysis/Manager.h b/src/file_analysis/Manager.h index 0c4d46e95b..02da6aa182 100644 --- a/src/file_analysis/Manager.h +++ b/src/file_analysis/Manager.h @@ -12,7 +12,7 @@ #include "plugin/ComponentManager.h" -#include "file_analysis/file_analysis.bif.h" +#include "analyzer/Tag.h" using std::map; using std::set; diff --git a/src/file_analysis/analyzer/data_event/DataEvent.cc b/src/file_analysis/analyzer/data_event/DataEvent.cc index 08f31addb3..7614127ea7 100644 --- a/src/file_analysis/analyzer/data_event/DataEvent.cc +++ b/src/file_analysis/analyzer/data_event/DataEvent.cc @@ -5,6 +5,7 @@ #include "DataEvent.h" #include "EventRegistry.h" #include "Event.h" +#include "Func.h" #include "util.h" #include "file_analysis/Manager.h" diff --git a/src/file_analysis/analyzer/data_event/DataEvent.h b/src/file_analysis/analyzer/data_event/DataEvent.h index 9120412665..5027fd78ed 100644 --- a/src/file_analysis/analyzer/data_event/DataEvent.h +++ b/src/file_analysis/analyzer/data_event/DataEvent.h @@ -7,6 +7,7 @@ #include "Val.h" #include "File.h" #include "Analyzer.h" +#include "EventHandler.h" namespace file_analysis { diff --git a/src/file_analysis/analyzer/extract/functions.bif b/src/file_analysis/analyzer/extract/functions.bif index c91f0590bd..bdec388380 100644 --- a/src/file_analysis/analyzer/extract/functions.bif +++ b/src/file_analysis/analyzer/extract/functions.bif @@ -4,6 +4,7 @@ module FileExtract; %%{ #include "file_analysis/Manager.h" +#include "file_analysis/file_analysis.bif.h" %%} ## :zeek:see:`FileExtract::set_limit`. diff --git a/src/file_analysis/analyzer/x509/OCSP.cc b/src/file_analysis/analyzer/x509/OCSP.cc index dd7d378f0d..c861e1bcb5 100644 --- a/src/file_analysis/analyzer/x509/OCSP.cc +++ b/src/file_analysis/analyzer/x509/OCSP.cc @@ -10,6 +10,7 @@ #include "types.bif.h" #include "ocsp_events.bif.h" +#include "file_analysis/File.h" #include "file_analysis/Manager.h" #include diff --git a/src/file_analysis/analyzer/x509/OCSP.h b/src/file_analysis/analyzer/x509/OCSP.h index f3c1465ed1..06ea1dd25a 100644 --- a/src/file_analysis/analyzer/x509/OCSP.h +++ b/src/file_analysis/analyzer/x509/OCSP.h @@ -4,14 +4,14 @@ #include -#include "../File.h" -#include "Analyzer.h" #include "X509Common.h" #include namespace file_analysis { +class File; + class OCSP : public file_analysis::X509Common { public: bool DeliverStream(const u_char* data, uint64_t len) override; diff --git a/src/file_analysis/analyzer/x509/X509.cc b/src/file_analysis/analyzer/x509/X509.cc index bf9539c9aa..a96f4e2fff 100644 --- a/src/file_analysis/analyzer/x509/X509.cc +++ b/src/file_analysis/analyzer/x509/X509.cc @@ -8,6 +8,7 @@ #include "events.bif.h" #include "types.bif.h" +#include "file_analysis/File.h" #include "file_analysis/Manager.h" #include diff --git a/src/file_analysis/analyzer/x509/X509Common.h b/src/file_analysis/analyzer/x509/X509Common.h index 72f667e6e9..2fd69c17ee 100644 --- a/src/file_analysis/analyzer/x509/X509Common.h +++ b/src/file_analysis/analyzer/x509/X509Common.h @@ -5,16 +5,20 @@ #pragma once -#include "file_analysis/File.h" #include "Analyzer.h" #include #include +class EventHandlerPtr; class Reporter; +class StringVal; namespace file_analysis { +class Tag; +class File; + class X509Common : public file_analysis::Analyzer { public: ~X509Common() override {};