Make constants in IP::ParseResult uppercase, deprecate the old ones

src/packet_analysis/protocol/gtpv1/GTPv1.cc

@@ -55,7 +55,7 @@ bool GTPv1_Analyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* pack
     std::shared_ptr<IP_Hdr> inner = nullptr;
     auto result = packet_analysis::IP::ParsePacket(len, data, next_header, inner);
 
-    if ( result == packet_analysis::IP::ParseResult::Ok ) {
+    if ( result == packet_analysis::IP::ParseResult::OK ) {
         cm_it->second->set_valid(packet->is_orig, true);
 
         if ( (! BifConst::Tunnel::delay_gtp_confirmation) ||
@@ -67,12 +67,12 @@ bool GTPv1_Analyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* pack
             gtp_hdr_val = nullptr;
         }
     }
-    else if ( result == packet_analysis::IP::ParseResult::BadProtocol ) {
+    else if ( result == packet_analysis::IP::ParseResult::BAD_PROTOCOL ) {
         AnalyzerViolation("Invalid IP version in wrapped packet", packet->session);
         gtp_hdr_val = nullptr;
         return false;
     }
-    else if ( result == packet_analysis::IP::ParseResult::CaplenTooSmall ) {
+    else if ( result == packet_analysis::IP::ParseResult::CAPLEN_TOO_SMALL ) {
         AnalyzerViolation("Truncated GTPv1", packet->session);
         gtp_hdr_val = nullptr;
         return false;

src/packet_analysis/protocol/ip/IP.cc

@@ -276,29 +276,29 @@ ParseResult zeek::packet_analysis::IP::ParsePacket(int caplen, const u_char* con
                                                    std::shared_ptr<zeek::IP_Hdr>& inner) {
     if ( proto == IPPROTO_IPV6 ) {
         if ( caplen < (int)sizeof(struct ip6_hdr) )
-            return ParseResult::CaplenTooSmall;
+            return ParseResult::CAPLEN_TOO_SMALL;
 
         const struct ip6_hdr* ip6 = (const struct ip6_hdr*)pkt;
         inner = std::make_shared<zeek::IP_Hdr>(ip6, false, caplen);
         if ( (ip6->ip6_ctlun.ip6_un2_vfc & 0xF0) != 0x60 )
-            return ParseResult::BadProtocol;
+            return ParseResult::BAD_PROTOCOL;
     }
 
     else if ( proto == IPPROTO_IPV4 ) {
         if ( caplen < (int)sizeof(struct ip) )
-            return ParseResult::BadProtocol;
+            return ParseResult::BAD_PROTOCOL;
 
         const struct ip* ip4 = (const struct ip*)pkt;
         inner = std::make_shared<zeek::IP_Hdr>(ip4, false);
         if ( ip4->ip_v != 4 )
-            return ParseResult::BadProtocol;
+            return ParseResult::BAD_PROTOCOL;
     }
     else {
-        return ParseResult::BadProtocol;
+        return ParseResult::BAD_PROTOCOL;
     }
 
     if ( (uint32_t)caplen != inner->TotalLen() )
-        return (uint32_t)caplen < inner->TotalLen() ? ParseResult::CaplenTooSmall : ParseResult::CaplenTooLarge;
+        return (uint32_t)caplen < inner->TotalLen() ? ParseResult::CAPLEN_TOO_SMALL : ParseResult::CAPLEN_TOO_LARGE;
 
-    return ParseResult::Ok;
+    return ParseResult::OK;
 }

src/packet_analysis/protocol/ip/IP.h

@@ -30,10 +30,14 @@ private:
 };
 
 enum class ParseResult : int8_t {
-    CaplenTooSmall = -1,
-    BadProtocol = -2,
-    Ok = 0,
-    CaplenTooLarge = 1,
+    CAPLEN_TOO_SMALL = -1,
+    CaplenTooSmall [[deprecated("Remove in v8.1, use ParseResult::CAPLEN_TOO_SMALL.")]] = CAPLEN_TOO_SMALL,
+    BAD_PROTOCOL = -2,
+    BadProtocol [[deprecated("Remove in v8.1, use ParseResult::BAD_PROTOCOL.")]] = BAD_PROTOCOL,
+    OK = 0,
+    Ok [[deprecated("Remove in v8.1, use ParseResult::OK.")]] = OK,
+    CAPLEN_TOO_LARGE = 1,
+    CaplenTooLarge [[deprecated("Remove in v8.1, use ParseResult::CAPLEN_TOO_LARGE.")]] = CAPLEN_TOO_LARGE,
 };
 
 /**

src/packet_analysis/protocol/iptunnel/IPTunnel.cc

@@ -37,14 +37,14 @@ bool IPTunnelAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* pa
     if ( gre_version != 0 ) {
         // Check for a valid inner packet first.
         auto result = packet_analysis::IP::ParsePacket(len, data, proto, inner);
-        if ( result == packet_analysis::IP::ParseResult::BadProtocol )
+        if ( result == packet_analysis::IP::ParseResult::BAD_PROTOCOL )
             Weird("invalid_inner_IP_version", packet);
-        else if ( result == packet_analysis::IP::ParseResult::CaplenTooSmall )
+        else if ( result == packet_analysis::IP::ParseResult::CAPLEN_TOO_SMALL )
             Weird("truncated_inner_IP", packet);
-        else if ( result == packet_analysis::IP::ParseResult::CaplenTooLarge )
+        else if ( result == packet_analysis::IP::ParseResult::CAPLEN_TOO_LARGE )
             Weird("inner_IP_payload_length_mismatch", packet);
 
-        if ( result != packet_analysis::IP::ParseResult::Ok )
+        if ( result != packet_analysis::IP::ParseResult::OK )
             return false;
     }
 

src/packet_analysis/protocol/teredo/Teredo.cc

@@ -168,7 +168,7 @@ bool TeredoAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* pack
     // and reused in the IP analyzer somehow?
     std::shared_ptr<IP_Hdr> inner = nullptr;
     auto result = packet_analysis::IP::ParsePacket(len, te.InnerIP(), IPPROTO_IPV6, inner);
-    if ( result == packet_analysis::IP::ParseResult::CaplenTooLarge ) {
+    if ( result == packet_analysis::IP::ParseResult::CAPLEN_TOO_LARGE ) {
         if ( inner->NextProto() == IPPROTO_NONE && inner->PayloadLen() == 0 )
             // Teredo bubbles having data after IPv6 header isn't strictly a
             // violation, but a little weird.
@@ -179,8 +179,8 @@ bool TeredoAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* pack
         }
     }
 
-    if ( result == packet_analysis::IP::ParseResult::CaplenTooSmall ||
-         result == packet_analysis::IP::ParseResult::BadProtocol ) {
+    if ( result == packet_analysis::IP::ParseResult::CAPLEN_TOO_SMALL ||
+         result == packet_analysis::IP::ParseResult::BAD_PROTOCOL ) {
         AnalyzerViolation("Truncated Teredo or invalid inner IP version", conn, (const char*)data, len);
         return false;
     }