file_analysis: include cleanup

src/Reporter.cc

@@ -15,6 +15,7 @@
 #include "Net.h"
 #include "Conn.h"
 #include "Timer.h"
+#include "Var.h" // for internal_val()
 #include "EventHandler.h"
 #include "plugin/Plugin.h"
 #include "plugin/Manager.h"

src/analyzer/protocol/ayiya/ayiya-analyzer.pac

@@ -1,5 +1,6 @@
 %extern{
 #include "Sessions.h"
+#include "Conn.h"
 %}
 
 connection AYIYA_Conn(bro_analyzer: BroAnalyzer)

src/file_analysis/Analyzer.cc

@@ -2,6 +2,7 @@
 
 #include "Analyzer.h"
 #include "Manager.h"
+#include "Val.h"
 
 file_analysis::ID file_analysis::Analyzer::id_counter = 0;
 
@@ -17,3 +18,13 @@ void file_analysis::Analyzer::SetAnalyzerTag(const file_analysis::Tag& arg_tag)
 	assert(! tag || tag == arg_tag);
 	tag = arg_tag;
 	}
+
+file_analysis::Analyzer::Analyzer(file_analysis::Tag arg_tag, RecordVal* arg_args, File* arg_file)
+	: tag(arg_tag),
+	  args(arg_args->Ref()->AsRecordVal()),
+	  file(arg_file),
+	  got_stream_delivery(false),
+	  skip(false)
+	{
+	id = ++id_counter;
+	}

src/file_analysis/Analyzer.h

@@ -2,11 +2,11 @@
 
 #pragma once
 
-#include "Val.h"
-#include "NetVar.h"
 #include "Tag.h"
 
-#include "file_analysis/file_analysis.bif.h"
+#include <sys/types.h> // for u_char
+
+class RecordVal;
 
 namespace file_analysis {
 
@@ -146,15 +146,7 @@ protected:
 	 *        tunable options, if any, related to a particular analyzer type.
 	 * @param arg_file the file to which the the analyzer is being attached.
 	 */
-	Analyzer(file_analysis::Tag arg_tag, RecordVal* arg_args, File* arg_file)
+	Analyzer(file_analysis::Tag arg_tag, RecordVal* arg_args, File* arg_file);
-	    : tag(arg_tag),
-	      args(arg_args->Ref()->AsRecordVal()),
-	      file(arg_file),
-	      got_stream_delivery(false),
-	      skip(false)
-		{
-		id = ++id_counter;
-		}
 
 	/**
 	 * Constructor.  Only derived classes are meant to be instantiated.

src/file_analysis/AnalyzerSet.cc

@@ -4,6 +4,9 @@
 #include "File.h"
 #include "Analyzer.h"
 #include "Manager.h"
+#include "CompHash.h"
+#include "Val.h"
+#include "file_analysis/file_analysis.bif.h"
 
 using namespace file_analysis;
 
@@ -106,6 +109,12 @@ bool AnalyzerSet::AddMod::Perform(AnalyzerSet* set)
 	return true;
 	}
 
+void AnalyzerSet::AddMod::Abort()
+	{
+	delete a;
+	delete key;
+	}
+
 bool AnalyzerSet::Remove(const file_analysis::Tag& tag, RecordVal* args)
 	{
 	return Remove(tag, GetKey(tag, args));

src/file_analysis/AnalyzerSet.h

@@ -4,14 +4,17 @@
 
 #include <queue>
 
-#include "Analyzer.h"
 #include "Dict.h"
-#include "CompHash.h"
-#include "Val.h"
 #include "Tag.h"
 
+using std::queue;
+
+class CompositeHash;
+class RecordVal;
+
 namespace file_analysis {
 
+class Analyzer;
 class File;
 
 /**
@@ -173,7 +176,7 @@ private:
 			: Modification(), a(arg_a), key(arg_key) {}
 		~AddMod() override {}
 		bool Perform(AnalyzerSet* set) override;
-		void Abort() override { delete a; delete key; }
+		void Abort() override;
 
 	protected:
 		file_analysis::Analyzer* a;

src/file_analysis/File.h

@@ -2,17 +2,22 @@
 
 #pragma once
 
+#include <list>
 #include <string>
 #include <utility>
 
+#include "analyzer/Tag.h"
 #include "AnalyzerSet.h"
 #include "BroString.h"
+#include "BroList.h" // for val_list
 #include "WeirdState.h"
 
 using std::string;
 
 class Connection;
+class RecordType;
 class RecordVal;
+class EventHandlerPtr;
 
 namespace file_analysis {
 

src/file_analysis/Manager.cc

@@ -10,6 +10,7 @@
 
 #include "plugin/Manager.h"
 #include "analyzer/Manager.h"
+#include "file_analysis/file_analysis.bif.h"
 
 #include <openssl/md5.h>
 

src/file_analysis/Manager.h

@@ -12,7 +12,7 @@
 
 #include "plugin/ComponentManager.h"
 
-#include "file_analysis/file_analysis.bif.h"
+#include "analyzer/Tag.h"
 
 using std::map;
 using std::set;

src/file_analysis/analyzer/data_event/DataEvent.cc

@@ -5,6 +5,7 @@
 #include "DataEvent.h"
 #include "EventRegistry.h"
 #include "Event.h"
+#include "Func.h"
 #include "util.h"
 #include "file_analysis/Manager.h"
 

src/file_analysis/analyzer/data_event/DataEvent.h

@@ -7,6 +7,7 @@
 #include "Val.h"
 #include "File.h"
 #include "Analyzer.h"
+#include "EventHandler.h"
 
 namespace file_analysis {
 

src/file_analysis/analyzer/extract/functions.bif

@@ -4,6 +4,7 @@ module FileExtract;
 
 %%{
 #include "file_analysis/Manager.h"
+#include "file_analysis/file_analysis.bif.h"
 %%}
 
 ## :zeek:see:`FileExtract::set_limit`.

src/file_analysis/analyzer/x509/OCSP.cc

@@ -10,6 +10,7 @@
 #include "types.bif.h"
 #include "ocsp_events.bif.h"
 
+#include "file_analysis/File.h"
 #include "file_analysis/Manager.h"
 
 #include <openssl/x509.h>

src/file_analysis/analyzer/x509/OCSP.h

@@ -4,14 +4,14 @@
 
 #include <string>
 
-#include "../File.h"
-#include "Analyzer.h"
 #include "X509Common.h"
 
 #include <openssl/ocsp.h>
 
 namespace file_analysis {
 
+class File;
+
 class OCSP : public file_analysis::X509Common {
 public:
 	bool DeliverStream(const u_char* data, uint64_t len) override;

src/file_analysis/analyzer/x509/X509.cc

@@ -8,6 +8,7 @@
 #include "events.bif.h"
 #include "types.bif.h"
 
+#include "file_analysis/File.h"
 #include "file_analysis/Manager.h"
 
 #include <broker/error.hh>

src/file_analysis/analyzer/x509/X509Common.h

@@ -5,16 +5,20 @@
 
 #pragma once
 
-#include "file_analysis/File.h"
 #include "Analyzer.h"
 
 #include <openssl/x509.h>
 #include <openssl/asn1.h>
 
+class EventHandlerPtr;
 class Reporter;
+class StringVal;
 
 namespace file_analysis {
 
+class Tag;
+class File;
+
 class X509Common : public file_analysis::Analyzer {
 public:
 	~X509Common() override {};