GH-700: add zeek_args() BIF

Provides access to all zeek command-line arguments ("argv").

src/zeek.bif

@@ -23,6 +23,7 @@
 #include "file_analysis/Manager.h"
 #include "iosource/Manager.h"
 #include "iosource/Packet.h"
+#include "IntrusivePtr.h"
 
 using namespace std;
 
@@ -1877,6 +1878,18 @@ function type_name%(t: any%): string
 	return new StringVal(s);
 	%}
 
+## Returns: list of command-line arguments (``argv``) used to run Zeek.
+function zeek_args%(%): string_vec
+	%{
+	auto sv = internal_type("string_vec")->AsVectorType();
+	auto rval = make_intrusive<VectorVal>(sv);
+
+	for ( auto i = 0; i < bro_argc; ++i )
+		rval->Assign(rval->Size(), new StringVal(bro_argv[i]));
+
+	return rval.detach();
+	%}
+
 ## Checks whether Zeek reads traffic from one or more network interfaces (as
 ## opposed to from a network trace in a file). Note that this function returns
 ## true even after Zeek has stopped reading network traffic, for example due to

testing/btest/Baseline/bifs.zeek_args/out

@@ -0,0 +1 @@
+[zeek, -b, -r, /Users/jsiwek/pro/zeek/zeek/testing/btest/Traces/http/get.trace, -e, print zeek_args()]

testing/btest/bifs/zeek_args.zeek

@@ -0,0 +1,2 @@
+# @TEST-EXEC: zeek -b -r $TRACES/http/get.trace -e 'print zeek_args()' >out
+# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out