Merge remote-tracking branch 'origin/topic/dnthayer/ticket1963'

* origin/topic/dnthayer/ticket1963:
  Remove unused redef-able constants
  Convert some redef-able constants to runtime options

scripts/base/frameworks/netcontrol/catch-and-release.bro

@@ -142,7 +142,7 @@ export {
 
 	## If true, catch and release warns if packets of an IP address are still seen after it
 	## should have been blocked.
-	const catch_release_warn_blocked_ip_encountered = F &redef;
+	option catch_release_warn_blocked_ip_encountered = F;
 
 	## Time intervals for which subsequent drops of the same IP take
 	## effect.

scripts/base/frameworks/notice/main.bro

@@ -201,14 +201,14 @@ export {
 	## Address that emails will be from.
 	##
 	## Note that this is overridden by the BroControl MailFrom option.
-	const mail_from           = "Big Brother <bro@localhost>" &redef;
+	option mail_from           = "Big Brother <bro@localhost>";
 	## Reply-to address used in outbound email.
-	const reply_to            = "" &redef;
+	option reply_to            = "";
 	## Text string prefixed to the subject of all emails sent out.
 	##
 	## Note that this is overridden by the BroControl MailSubjectPrefix
 	## option.
-	const mail_subject_prefix = "[Bro]" &redef;
+	option mail_subject_prefix = "[Bro]";
 	## The maximum amount of time a plugin can delay email from being sent.
 	const max_email_delay     = 15secs &redef;
 

scripts/base/protocols/dhcp/main.bro

@@ -84,7 +84,7 @@ export {
 	## The maximum amount of time that a transation ID will be watched
 	## for to try and tie messages together into a single DHCP
 	## transaction narrative.
-	const DHCP::max_txid_watch_time = 30secs &redef;
+	option DHCP::max_txid_watch_time = 30secs;
 
 	## This event is used internally to distribute data around clusters
 	## since DHCP doesn't follow the normal "connection" model used by

scripts/base/protocols/dns/main.bro

@@ -113,11 +113,6 @@ export {
 	## DNS message query/transaction ID.
 	type PendingMessages: table[count] of Queue::Queue;
 
-	## The amount of time that DNS queries or replies for a given
-	## query/transaction ID are allowed to be queued while waiting for
-	## a matching reply or query.
-	const pending_msg_expiry_interval = 2min &redef;
-
 	## Give up trying to match pending DNS queries or replies for a given
 	## query/transaction ID once this number of unmatched queries or replies
 	## is reached (this shouldn't happen unless either the DNS server/resolver

scripts/base/protocols/ftp/main.bro

@@ -17,13 +17,13 @@ export {
 	redef enum Log::ID += { LOG };
 
 	## List of commands that should have their command/response pairs logged.
-	const logged_commands = {
+	option logged_commands = {
 		"APPE", "DELE", "RETR", "STOR", "STOU", "ACCT", "PORT", "PASV", "EPRT",
 		"EPSV"
-	} &redef;
+	};
 
 	## User IDs that can be considered "anonymous".
-	const guest_ids = { "anonymous", "ftp", "ftpuser", "guest" } &redef;
+	option guest_ids = { "anonymous", "ftp", "ftpuser", "guest" };
 
 	## This record is to hold a parsed FTP reply code.  For example, for the
 	## 201 status code, the digits would be parsed as: x->2, y->0, z->1.

scripts/base/protocols/http/main.bro

@@ -109,7 +109,7 @@ export {
 	## A list of HTTP methods. Other methods will generate a weird. Note
 	## that the HTTP analyzer will only accept methods consisting solely
 	## of letters ``[A-Za-z]``.
-	const http_methods: set[string] = {
+	option http_methods: set[string] = {
 		"GET", "POST", "HEAD", "OPTIONS",
 		"PUT", "DELETE", "TRACE", "CONNECT",
 		# HTTP methods for distributed authoring:
@@ -117,7 +117,7 @@ export {
 		"COPY", "MOVE", "LOCK", "UNLOCK",
 		"POLL", "REPORT", "SUBSCRIBE", "BMOVE",
 		"SEARCH"
-	} &redef;
+	};
 
 	## Event that can be handled to access the HTTP record as it is sent on
 	## to the logging framework.

scripts/base/protocols/krb/main.bro

@@ -48,7 +48,7 @@ export {
 	};
 
 	## The server response error texts which are *not* logged.
-	const ignored_errors: set[string] = {
+	option ignored_errors: set[string] = {
 		# This will significantly increase the noisiness of the log.
 		# However, one attack is to iterate over principals, looking
 		# for ones that don't require preauth, and then performn
@@ -58,7 +58,7 @@ export {
 		# This is a more specific version of NEEDED_PREAUTH that's used
 		# by Windows AD Kerberos.
 		"Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ",
-	} &redef;
+	};
 
 	## Event that can be handled to access the KRB record as it is sent on
 	## to the logging framework.

scripts/base/protocols/sip/main.bro

@@ -80,9 +80,9 @@ export {
 	## A list of SIP methods. Other methods will generate a weird. Note
 	## that the SIP analyzer will only accept methods consisting solely
 	## of letters ``[A-Za-z]``.
-	const sip_methods: set[string] = {
+	option sip_methods: set[string] = {
 		"REGISTER", "INVITE", "ACK", "CANCEL", "BYE", "OPTIONS", "NOTIFY", "SUBSCRIBE"
-	} &redef;
+	};
 
 	## Event that can be handled to access the SIP record as it is sent on
 	## to the logging framework.

scripts/base/protocols/smb/main.bro

@@ -33,14 +33,14 @@ export {
 	};
 
 	## The file actions which are logged.
-	const logged_file_actions: set[Action] = {
+	option logged_file_actions: set[Action] = {
 		FILE_OPEN,
 		FILE_RENAME,
 		FILE_DELETE,
 
 		PRINT_OPEN,
 		PRINT_CLOSE,
-	} &redef;
+	};
 
 	## This record is for the smb_files.log
 	type FileInfo: record {

scripts/base/utils/exec.bro

@@ -42,9 +42,6 @@ export {
 	## Returns: A record representing the full results from the
 	##          external program execution.
 	global run: function(cmd: Command): Result;
-
-	## The system directory for temporary files.
-	const tmp_dir = "/tmp" &redef;
 }
 
 # Indexed by command uid.