factor some functionality used by BiFs to make accessible to ZAM instructions

src/Conn.h

@@ -234,4 +234,9 @@ private:
     static uint64_t current_connections;
 };
 
+// The following is used by script optimization.
+namespace detail {
+extern RecordValPtr build_dummy_conn_record();
+}
+
 } // namespace zeek

src/analyzer/protocol/conn-size/ConnSize.h

@@ -47,4 +47,7 @@ protected:
     double duration_thresh;
 };
 
+// Exposed to make it available to script optimization.
+extern zeek::analyzer::Analyzer* GetConnsizeAnalyzer(zeek::Val* cid);
+
 } // namespace zeek::analyzer::conn_size

src/analyzer/protocol/conn-size/functions.bif

@@ -3,13 +3,13 @@
 #include "zeek/Reporter.h"
 #include "zeek/session/Manager.h"
 
-static zeek::analyzer::Analyzer* GetConnsizeAnalyzer(zeek::Val* cid)
+zeek::analyzer::Analyzer* zeek::analyzer::conn_size::GetConnsizeAnalyzer(zeek::Val* cid)
 	{
-	zeek::Connection* c = zeek::session_mgr->FindConnection(cid);
+	auto c = zeek::session_mgr->FindConnection(cid);
 	if ( ! c )
 		return nullptr;
 
-	zeek::analyzer::Analyzer* a = c->FindAnalyzer("CONNSIZE");
+	auto a = c->FindAnalyzer("CONNSIZE");
 	if ( ! a )
 		zeek::reporter->Error("connection does not have ConnSize analyzer");
 
@@ -33,13 +33,13 @@ static zeek::analyzer::Analyzer* GetConnsizeAnalyzer(zeek::Val* cid)
 ##               set_current_conn_duration_threshold get_current_conn_duration_threshold
 function set_current_conn_bytes_threshold%(cid: conn_id, threshold: count, is_orig: bool%): bool
 	%{
-	zeek::analyzer::Analyzer* a = GetConnsizeAnalyzer(cid);
+	auto a = analyzer::conn_size::GetConnsizeAnalyzer(cid);
 	if ( ! a )
-		return zeek::val_mgr->False();
+		return val_mgr->False();
 
-	static_cast<zeek::analyzer::conn_size::ConnSize_Analyzer*>(a)->SetByteAndPacketThreshold(threshold, true, is_orig);
+	static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->SetByteAndPacketThreshold(threshold, true, is_orig);
 
-	return zeek::val_mgr->True();
+	return val_mgr->True();
 	%}
 
 ## Sets a threshold for connection packets, overwriting any potential old thresholds.
@@ -57,13 +57,13 @@ function set_current_conn_bytes_threshold%(cid: conn_id, threshold: count, is_or
 ##               set_current_conn_duration_threshold get_current_conn_duration_threshold
 function set_current_conn_packets_threshold%(cid: conn_id, threshold: count, is_orig: bool%): bool
 	%{
-	zeek::analyzer::Analyzer* a = GetConnsizeAnalyzer(cid);
+	auto a = analyzer::conn_size::GetConnsizeAnalyzer(cid);
 	if ( ! a )
-		return zeek::val_mgr->False();
+		return val_mgr->False();
 
-	static_cast<zeek::analyzer::conn_size::ConnSize_Analyzer*>(a)->SetByteAndPacketThreshold(threshold, false, is_orig);
+	static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->SetByteAndPacketThreshold(threshold, false, is_orig);
 
-	return zeek::val_mgr->True();
+	return val_mgr->True();
 	%}
 
 ## Sets the current duration threshold for connection, overwriting any potential old
@@ -79,13 +79,13 @@ function set_current_conn_packets_threshold%(cid: conn_id, threshold: count, is_
 ##               get_current_conn_duration_threshold
 function set_current_conn_duration_threshold%(cid: conn_id, threshold: interval%): bool
 	%{
-	zeek::analyzer::Analyzer* a = GetConnsizeAnalyzer(cid);
+	auto a = analyzer::conn_size::GetConnsizeAnalyzer(cid);
 	if ( ! a )
-		return zeek::val_mgr->False();
+		return val_mgr->False();
 
-	static_cast<zeek::analyzer::conn_size::ConnSize_Analyzer*>(a)->SetDurationThreshold(threshold);
+	static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->SetDurationThreshold(threshold);
 
-	return zeek::val_mgr->True();
+	return val_mgr->True();
 	%}
 
 # Gets the current byte threshold size for a connection.
@@ -101,11 +101,11 @@ function set_current_conn_duration_threshold%(cid: conn_id, threshold: interval%
 ##               get_current_conn_duration_threshold
 function get_current_conn_bytes_threshold%(cid: conn_id, is_orig: bool%): count
 	%{
-	zeek::analyzer::Analyzer* a = GetConnsizeAnalyzer(cid);
+	auto a = analyzer::conn_size::GetConnsizeAnalyzer(cid);
 	if ( ! a )
-		return zeek::val_mgr->Count(0);
+		return val_mgr->Count(0);
 
-	return zeek::val_mgr->Count(static_cast<zeek::analyzer::conn_size::ConnSize_Analyzer*>(a)->GetByteAndPacketThreshold(true, is_orig));
+	return val_mgr->Count(static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->GetByteAndPacketThreshold(true, is_orig));
 	%}
 
 ## Gets the current packet threshold size for a connection.
@@ -120,11 +120,11 @@ function get_current_conn_bytes_threshold%(cid: conn_id, is_orig: bool%): count
 ##               get_current_conn_bytes_threshold set_current_conn_duration_threshold get_current_conn_duration_threshold
 function get_current_conn_packets_threshold%(cid: conn_id, is_orig: bool%): count
 	%{
-	zeek::analyzer::Analyzer* a = GetConnsizeAnalyzer(cid);
+	auto a = analyzer::conn_size::GetConnsizeAnalyzer(cid);
 	if ( ! a )
-		return zeek::val_mgr->Count(0);
+		return val_mgr->Count(0);
 
-	return zeek::val_mgr->Count(static_cast<zeek::analyzer::conn_size::ConnSize_Analyzer*>(a)->GetByteAndPacketThreshold(false, is_orig));
+	return val_mgr->Count(static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->GetByteAndPacketThreshold(false, is_orig));
 	%}
 
 ## Gets the current duration threshold size for a connection.
@@ -137,9 +137,9 @@ function get_current_conn_packets_threshold%(cid: conn_id, is_orig: bool%): coun
 ##               get_current_conn_packets_threshold set_current_conn_duration_threshold
 function get_current_conn_duration_threshold%(cid: conn_id%): interval
 	%{
-	zeek::analyzer::Analyzer* a = GetConnsizeAnalyzer(cid);
+	auto a = analyzer::conn_size::GetConnsizeAnalyzer(cid);
 	if ( ! a )
-		return zeek::make_intrusive<zeek::IntervalVal>(0.0);
+		return make_intrusive<IntervalVal>(0.0);
 
-	return zeek::make_intrusive<zeek::IntervalVal>(static_cast<zeek::analyzer::conn_size::ConnSize_Analyzer*>(a)->GetDurationThreshold());
+	return make_intrusive<IntervalVal>(static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->GetDurationThreshold());
 	%}

src/zeek.bif

@@ -304,6 +304,38 @@ static bool next_fmt(const char*& fmt, const zeek::Args* args, zeek::ODesc* d, i
 
 	return *fmt != '\0';
 	}
+
+zeek::RecordValPtr zeek::detail::build_dummy_conn_record()
+	{
+	// Return a dummy connection record.
+	auto c = zeek::make_intrusive<zeek::RecordVal>(zeek::id::connection);
+
+	auto id_val = zeek::make_intrusive<zeek::RecordVal>(zeek::id::conn_id);
+	id_val->Assign(0, zeek::make_intrusive<zeek::AddrVal>((unsigned int) 0));
+	id_val->Assign(1, zeek::val_mgr->Port(ntohs(0), TRANSPORT_UDP));
+	id_val->Assign(2, zeek::make_intrusive<zeek::AddrVal>((unsigned int) 0));
+	id_val->Assign(3, zeek::val_mgr->Port(ntohs(0), TRANSPORT_UDP));
+	c->Assign(0, std::move(id_val));
+
+	auto orig_endp = zeek::make_intrusive<zeek::RecordVal>(zeek::id::endpoint);
+	orig_endp->Assign(0, 0);
+	orig_endp->Assign(1, 0);
+
+	auto resp_endp = zeek::make_intrusive<zeek::RecordVal>(zeek::id::endpoint);
+	resp_endp->Assign(0, 0);
+	resp_endp->Assign(1, 0);
+
+	c->Assign(1, std::move(orig_endp));
+	c->Assign(2, std::move(resp_endp));
+
+	c->AssignTime(3, zeek::run_state::network_time);
+	c->AssignInterval(4, 0.0);
+	c->Assign(5, zeek::make_intrusive<zeek::TableVal>(zeek::id::string_set));	// service
+	c->Assign(6, zeek::val_mgr->EmptyString());	// history
+
+	return c;
+	}
+
 %%}
 
 # ===========================================================================
@@ -3652,34 +3684,7 @@ function lookup_connection%(cid: conn_id%): connection
 		return conn->GetVal();
 
 	zeek::emit_builtin_error("connection ID not a known connection", cid);
-
+	return zeek::detail::build_dummy_conn_record();
-	// Return a dummy connection record.
-	auto c = zeek::make_intrusive<zeek::RecordVal>(zeek::id::connection);
-
-	auto id_val = zeek::make_intrusive<zeek::RecordVal>(zeek::id::conn_id);
-	id_val->Assign(0, zeek::make_intrusive<zeek::AddrVal>((unsigned int) 0));
-	id_val->Assign(1, zeek::val_mgr->Port(ntohs(0), TRANSPORT_UDP));
-	id_val->Assign(2, zeek::make_intrusive<zeek::AddrVal>((unsigned int) 0));
-	id_val->Assign(3, zeek::val_mgr->Port(ntohs(0), TRANSPORT_UDP));
-	c->Assign(0, std::move(id_val));
-
-	auto orig_endp = zeek::make_intrusive<zeek::RecordVal>(zeek::id::endpoint);
-	orig_endp->Assign(0, 0);
-	orig_endp->Assign(1, 0);
-
-	auto resp_endp = zeek::make_intrusive<zeek::RecordVal>(zeek::id::endpoint);
-	resp_endp->Assign(0, 0);
-	resp_endp->Assign(1, 0);
-
-	c->Assign(1, std::move(orig_endp));
-	c->Assign(2, std::move(resp_endp));
-
-	c->AssignTime(3, zeek::run_state::network_time);
-	c->AssignInterval(4, 0.0);
-	c->Assign(5, zeek::make_intrusive<zeek::TableVal>(zeek::id::string_set));	// service
-	c->Assign(6, zeek::val_mgr->EmptyString());	// history
-
-	return std::move(c);
 	%}
 
 %%{