Merge remote branch 'origin/topic/seth/ssl-binpac'

* origin/topic/seth/ssl-binpac:
  Fixed bug due to vectors now initially indexed on 0.
  Finished core support for new SSL analyzer.
  SSL analyzer changes with accompanying BiF.
  A table_s_of_s type to get around bifcl type limitation.
  Regenerated the Mozilla CA bundle without the untrusted server authentication certs.
  Complete rewrite to SSL analyzer.

Conflicts:
	src/AnalyzerTags.h
	src/CMakeLists.txt

Notes:

    - Haven't looked at the script-level, postponed to
      policy-scripts-new.

    - I renamed X509Extension to X509_extension for consistency.

src/SSL-binpac.h

@@ -1,12 +1,9 @@
-// $Id:$
-
 #ifndef ssl_binpac_h
 #define ssl_binpac_h
 
 #include "TCP.h"
 
 #include "ssl_pac.h"
-#include "ssl-record-layer_pac.h"
 
 class SSL_Analyzer_binpac : public TCP_ApplicationAnalyzer {
 public:
@@ -23,11 +20,9 @@ public:
 
 	static bool Available()
 		{
-		return FLAGS_use_binpac &&
-			(ssl_certificate_seen || ssl_certificate ||
-			 ssl_conn_attempt || ssl_conn_server_reply ||
-			 ssl_conn_established || ssl_conn_reused ||
-			 ssl_conn_alert);
+		return ( ssl_client_hello || ssl_server_hello ||
+			ssl_established || ssl_extension || ssl_alert ||
+			x509_certificate || x509_extension || x509_error );
 		}
 
 	static bool warnings_generated;
@@ -35,8 +30,7 @@ public:
 	static void generate_warnings();
 
 protected:
-	binpac::SSLRecordLayer::SSLRecordLayerAnalyzer* records;
-	binpac::SSL::SSLAnalyzer* ssl;
+	binpac::SSL::SSLAnalyzer* interp;
 };
 
 #endif