Merge remote-tracking branch 'origin/topic/robin/631-deprecation-v2'

During merge I split the test for bro_init/bro_done/bro_script_loaded
event errors into individual tests since the other testing of the zeek
versions of those events seemed fine to otherwise keep.

* origin/topic/robin/631-deprecation-v2:
  Update NEWS for naming changes.
  Small cleanup and updating submodules.
  Remove test for legacy plugin.
  Remove legancy symlinks in aux/.
  Add warnings when loading scripts ending in ".bro", or using legacy environment variables.
  Fix missing rename.
  No longer symlink local.zeek to local.bro.
  Update notice user agent.
  Remove old_comm_usage_is_ok.
  Remove bro-config.h.in and bro-path-dev.in.
  Change Bro wrapper script to now abort when old executable names are still used.
  Remove APIs that were explicitly deprecated to be removed in 3.1.

CHANGES

@@ -1,3 +1,36 @@
+
+3.1.0-dev.482 | 2020-01-30 19:16:03 -0800
+
+  * Update NEWS for naming changes. (Robin Sommer, Corelight)
+
+  * Remove test for legacy plugin. (Robin Sommer, Corelight)
+
+    We no longer support creating new plugins using the old naming
+    scheme.
+
+  * Remove legancy symlinks in aux/. (Robin Sommer, Corelight)
+
+    That's aux/bro-aux and aux/broctl.
+
+  * Add warnings when loading scripts ending in ".bro", or using legacy environment variables. (Robin Sommer, Corelight)
+
+  * Fix missing rename to .zeek-dns-cache. (Robin Sommer, Corelight)
+
+  * No longer symlink local.zeek to local.bro. (Robin Sommer, Corelight)
+
+  * Update notice user agent. (Robin Sommer, Corelight)
+
+  * Remove old_comm_usage_is_ok. (Robin Sommer, Corelight)
+
+  * Remove bro-config.h.in and bro-path-dev.in. (Robin Sommer, Corelight)
+
+  * Change Bro wrapper script to now abort when old executable names are still used. (Robin Sommer, Corelight)
+
+  * Remove APIs that were explicitly deprecated to be removed in 3.1. (Robin Sommer, Corelight)
+
+    Special handling for bro_{init,done,script_loaded} events: if still
+    used, they cause Zeek to abort at startup.
+
 3.1.0-dev.469 | 2020-01-30 08:44:15 -0700
 
   * Fix leaked FDs in redirecting supervised node stdout/stderr (Jon Siwek, Corelight)

CMakeLists.txt

@@ -379,11 +379,8 @@ endif ()
 string(TOLOWER ${CMAKE_BUILD_TYPE} CMAKE_BUILD_TYPE_LOWER)
 configure_file(${CMAKE_CURRENT_SOURCE_DIR}/zeek-config.h.in
                ${CMAKE_CURRENT_BINARY_DIR}/zeek-config.h)
-configure_file(${CMAKE_CURRENT_SOURCE_DIR}/bro-config.h.in
-               ${CMAKE_CURRENT_BINARY_DIR}/bro-config.h)
 include_directories(${CMAKE_CURRENT_BINARY_DIR})
 install(FILES ${CMAKE_CURRENT_BINARY_DIR}/zeek-config.h DESTINATION include/zeek)
-install(FILES ${CMAKE_CURRENT_BINARY_DIR}/bro-config.h DESTINATION include/zeek)
 
 if ( CAF_ROOT_DIR )
   set(ZEEK_CONFIG_CAF_ROOT_DIR ${CAF_ROOT_DIR})

NEWS

@@ -50,6 +50,15 @@ New Functionality
 Changed Functionality
 ---------------------
 
+- The backwards-compability wrappers & work-arounds introduced in 3.0
+  for the "Bro to Zeek rename" have either changed their operation, or in some
+  cases been removed. Generally, anything that reported a
+  naming-related warning in 3.0 now aborts with a corresponding error
+  message. In cases where 3.0 silently continued to accept old names,
+  3.1 now reports warnings. Most importantly, that's loading of
+  scripts with ".bro" endings, which are now flagged and should be
+  renamed.
+
 - The key type of ``Known::service_store`` has changed to
   ``Known::AddrPortServTriplet`` and ``Known::services`` is now a table
   instead of just a set.

VERSION

@@ -1 +1 @@
-3.1.0-dev.469
+3.1.0-dev.482

aux/bro-aux

@@ -1 +0,0 @@
-zeek-aux

aux/broctl

@@ -1 +0,0 @@
-zeekctl

aux/zeek-aux

@@ -1 +1 @@
-Subproject commit 0790f420148806c1380fc7e0e0a4278c7970753c
+Subproject commit 5b98e96695c334b6c2929fb96666d58eb22f9b66

aux/zeekctl

@@ -1 +1 @@
-Subproject commit 6933b86e60f22f7a39ac1a8adbee4867902ce02e
+Subproject commit f8941cd0ba171d9ea2b2e01724597e5e790ffb16

bro-config.h.in

@@ -1,5 +0,0 @@
-#pragma once
-
-#pragma message("Warning: bro-config.h is deprecated, use zeek-config.h instead")
-
-#include "zeek-config.h"

bro-path-dev.in

@@ -1 +0,0 @@
-zeek-path-dev.in

doc

@@ -1 +1 @@
-Subproject commit 3088b53e8ab5e2f35bb2bf57ef0ddbba84820ad9
+Subproject commit 566174d004c14d061fcf7c03e4829f20d46aaad8

scripts/CMakeLists.txt

@@ -7,26 +7,6 @@ install(DIRECTORY ./ DESTINATION ${ZEEK_SCRIPT_INSTALL_PATH} FILES_MATCHING
         PATTERN "*.fp"
 )
 
-if ( NOT BINARY_PACKAGING_MODE )
-  # If the user has a local.bro file from a previous installation, prefer to
-  # symlink local.zeek to it to avoid breaking their custom configuration --
-  # because ZeekControl will now prefer to load local.zeek rather than local.bro
-  # and we're about to install a default version of local.zeek.
-
-  set(_local_bro_dst ${ZEEK_SCRIPT_INSTALL_PATH}/site/local.bro)
-  set(_local_zeek_dst ${ZEEK_SCRIPT_INSTALL_PATH}/site/local.zeek)
-
-  install(CODE "
-    if ( \"\$ENV{DESTDIR}\" STREQUAL \"\" )
-      if ( EXISTS \"${_local_bro_dst}\" AND NOT EXISTS \"${_local_zeek_dst}\" )
-        message(STATUS \"WARNING: installed ${_local_zeek_dst} as symlink to ${_local_bro_dst}\")
-        execute_process(COMMAND \"${CMAKE_COMMAND}\" -E create_symlink
-          \"${_local_bro_dst}\" \"${_local_zeek_dst}\")
-      endif ()
-    endif ()
-  ")
-endif ()
-
 # Install local script as a config file since it's meant to be modified directly.
 InstallPackageConfigFile(
     ${CMAKE_CURRENT_SOURCE_DIR}/site/local.zeek

scripts/base/frameworks/notice/main.zeek

@@ -402,7 +402,7 @@ function email_headers(subject_desc: string, dest: string): string
 		"From: ", mail_from, "\n",
 		"Subject: ", mail_subject_prefix, " ", subject_desc, "\n",
 		"To: ", dest, "\n",
-		"User-Agent: Bro-IDS/", zeek_version(), "\n");
+		"User-Agent: Zeek/", zeek_version(), "\n");
 	if ( reply_to != "" )
 		header_text = string_cat(header_text, "Reply-To: ", reply_to, "\n");
 	return header_text;

scripts/base/init-bare.zeek

@@ -5230,10 +5230,3 @@ const global_hash_seed: string = "" &redef;
 ## files.  The larger the value, the more confidence in UID uniqueness.
 ## The maximum is currently 128 bits.
 const bits_per_uid: count = 96 &redef;
-
-## Whether usage of the old communication system is considered an error or
-## not.  The default Zeek configuration no longer works with the non-Broker
-## communication system unless you have manually taken action to initialize
-## and set up the old comm. system.  Deprecation warnings are still emitted
-## when setting this flag, but they will not result in a fatal error.
-const old_comm_usage_is_ok: bool = F &redef;

scripts/base/utils/json.zeek

@@ -1,2 +0,0 @@
-## This file is deprecated in favor of to_json in zeek.bif
-@deprecated="Remove in 3.1.  to_json is now always available as a built-in function."

src/DNS_Mgr.cc

@@ -467,7 +467,7 @@ void DNS_Mgr::InitPostScript()
 
 	const char* cache_dir = dir ? dir : ".";
 	cache_name = new char[strlen(cache_dir) + 64];
-	sprintf(cache_name, "%s/%s", cache_dir, ".bro-dns-cache");
+	sprintf(cache_name, "%s/%s", cache_dir, ".zeek-dns-cache");
 	LoadCache(fopen(cache_name, "r"));
 	}
 

src/List.h

@@ -154,12 +154,6 @@ public:
 		return max_entries;
 		}
 
-	ZEEK_DEPRECATED("Remove in v3.1: Use std::sort instead")
-	void sort(list_cmp_func cmp_func)
-		{
-		qsort(entries, num_entries, sizeof(T), cmp_func);
-		}
-
 	int MemoryAllocation() const
 		{ return padded_sizeof(*this) + pad_size(max_entries * sizeof(T)); }
 
@@ -174,7 +168,7 @@ public:
 		++num_entries;
 		entries[0] = a;
 		}
-	
+
 	void push_back(const T& a)
 		{
 		if ( num_entries == max_entries )
@@ -182,19 +176,13 @@ public:
 
 		entries[num_entries++] = a;
 		}
-	
+
 	void pop_front()	{ remove_nth(0); }
 	void pop_back()	{ remove_nth(num_entries-1); }
 
 	T& front()	 { return entries[0]; }
 	T& back()	 { return entries[num_entries-1]; }
 
-	ZEEK_DEPRECATED("Remove in v3.1: Use push_front instead")
-	void insert(const T& a)	// add at head of list
-		{
-		push_front(a);
-		}
-
 	// The append method is maintained for historical/compatibility reasons.
 	// (It's commonly used in the event generation API)
 	void append(const T& a)	// add to end of list
@@ -229,16 +217,6 @@ public:
 		return old_ent;
 		}
 
-	ZEEK_DEPRECATED("Remove in v3.1: Use back()/pop_back() instead")
-	T get()		// return and remove ent at end of list
-		{
-		assert(num_entries > 0);
-		return entries[--num_entries];
-		}
-
-	ZEEK_DEPRECATED("Remove in v3.1: Use back() instead")
-	T& last()	{ return back(); }
-
 	// Return 0 if ent is not in the list, ent otherwise.
 	bool is_member(const T& a) const
 		{

src/Val.cc

@@ -719,16 +719,6 @@ void IntervalVal::ValDescribe(ODesc* d) const
 		}
 	}
 
-PortVal* PortManager::Get(uint32_t port_num) const
-	{
-	return val_mgr->GetPort(port_num);
-	}
-
-PortVal* PortManager::Get(uint32_t port_num, TransportProto port_type) const
-	{
-	return val_mgr->GetPort(port_num, port_type);
-	}
-
 uint32_t PortVal::Mask(uint32_t port_num, TransportProto port_type)
 	{
 	// Note, for ICMP one-way connections:
@@ -760,25 +750,8 @@ uint32_t PortVal::Mask(uint32_t port_num, TransportProto port_type)
 	return port_num;
 	}
 
-PortVal::PortVal(uint32_t p, TransportProto port_type) : Val(TYPE_PORT)
-	{
-	auto port_num = PortVal::Mask(p, port_type);
-	val.uint_val = static_cast<bro_uint_t>(port_num);
-	}
-
-PortVal::PortVal(uint32_t p, bool unused) : Val(TYPE_PORT)
-	{
-	val.uint_val = static_cast<bro_uint_t>(p);
-	}
-
 PortVal::PortVal(uint32_t p) : Val(TYPE_PORT)
 	{
-	if ( p >= 65536 * NUM_PORT_SPACES )
-		{
-		InternalWarning("bad port number");
-		p = 0;
-		}
-
 	val.uint_val = static_cast<bro_uint_t>(p);
 	}
 
@@ -3220,7 +3193,7 @@ ValManager::ValManager()
 		auto port_type = (TransportProto)i;
 
 		for ( auto j = 0u; j < arr.size(); ++j )
-			arr[j] = new PortVal(PortVal::Mask(j, port_type), true);
+			arr[j] = new PortVal(PortVal::Mask(j, port_type));
 		}
 	}
 

src/Val.h

@@ -85,56 +85,6 @@ typedef union {
 
 class Val : public BroObj {
 public:
-	ZEEK_DEPRECATED("Remove in v3.1: use val_mgr->GetBool, GetFalse/GetTrue, GetInt, or GetCount instead")
-	Val(bool b, TypeTag t)
-		{
-		val.int_val = b;
-		type = base_type(t);
-#ifdef DEBUG
-		bound_id = 0;
-#endif
-		}
-
-	ZEEK_DEPRECATED("Remove in v3.1: use val_mgr->GetBool, GetFalse/GetTrue, GetInt, or GetCount instead")
-	Val(int32_t i, TypeTag t)
-		{
-		val.int_val = bro_int_t(i);
-		type = base_type(t);
-#ifdef DEBUG
-		bound_id = 0;
-#endif
-		}
-
-	ZEEK_DEPRECATED("Remove in v3.1: use val_mgr->GetBool, GetFalse/GetTrue, GetInt, or GetCount instead")
-	Val(uint32_t u, TypeTag t)
-		{
-		val.uint_val = bro_uint_t(u);
-		type = base_type(t);
-#ifdef DEBUG
-		bound_id = 0;
-#endif
-		}
-
-	ZEEK_DEPRECATED("Remove in v3.1: use val_mgr->GetBool, GetFalse/GetTrue, GetInt, or GetCount instead")
-	Val(int64_t i, TypeTag t)
-		{
-		val.int_val = i;
-		type = base_type(t);
-#ifdef DEBUG
-		bound_id = 0;
-#endif
-		}
-
-	ZEEK_DEPRECATED("Remove in v3.1: use val_mgr->GetBool, GetFalse/GetTrue, GetInt, or GetCount instead")
-	Val(uint64_t u, TypeTag t)
-		{
-		val.uint_val = u;
-		type = base_type(t);
-#ifdef DEBUG
-		bound_id = 0;
-#endif
-		}
-
 	Val(double d, TypeTag t)
 		{
 		val.double_val = d;
@@ -429,23 +379,6 @@ protected:
 
 };
 
-class PortManager {
-public:
-	// Port number given in host order.
-	ZEEK_DEPRECATED("Remove in v3.1: use val_mgr->GetPort() instead")
-	PortVal* Get(uint32_t port_num, TransportProto port_type) const;
-
-	// Host-order port number already masked with port space protocol mask.
-	ZEEK_DEPRECATED("Remove in v3.1: use val_mgr->GetPort() instead")
-	PortVal* Get(uint32_t port_num) const;
-
-	// Returns a masked port number
-	ZEEK_DEPRECATED("Remove in v3.1: use PortVal::Mask() instead")
-	uint32_t Mask(uint32_t port_num, TransportProto port_type) const;
-};
-
-extern PortManager* port_mgr;
-
 // Holds pre-allocated Val objects for those where it's more optimal to
 // re-use existing ones rather than allocate anew.
 class ValManager {
@@ -521,14 +454,6 @@ protected:
 
 class PortVal : public Val {
 public:
-	// Port number given in host order.
-	ZEEK_DEPRECATED("Remove in v3.1: use val_mgr->GetPort() instead")
-	PortVal(uint32_t p, TransportProto port_type);
-
-	// Host-order port number already masked with port space protocol mask.
-	ZEEK_DEPRECATED("Remove in v3.1: use val_mgr->GetPort() instead")
-	explicit PortVal(uint32_t p);
-
 	Val* SizeVal() const override	{ return val_mgr->GetInt(val.uint_val); }
 
 	// Returns the port number in host order (not including the mask).
@@ -559,7 +484,7 @@ protected:
 	friend class Val;
 	friend class ValManager;
 	PortVal()	{}
-	PortVal(uint32_t p, bool unused);
+	PortVal(uint32_t p);
 
 	void ValDescribe(ODesc* d) const override;
 	Val* DoClone(CloneState* state) override;
@@ -1007,13 +932,6 @@ protected:
 
 class EnumVal : public Val {
 public:
-
-	ZEEK_DEPRECATED("Remove in v3.1: use t->GetVal(i) instead")
-	EnumVal(int i, EnumType* t) : Val(t)
-		{
-		val.int_val = i;
-		}
-
 	Val* SizeVal() const override	{ return val_mgr->GetInt(val.int_val); }
 
 protected:

src/analyzer/protocol/rfb/events.bif

@@ -1,8 +1,3 @@
-## Generated for RFB event
-##
-## c: The connection record for the underlying transport-layer session/flow.
-event rfb_event%(c: connection%) &deprecated="Remove in v3.1: This event never served a real purpose and will be removed. Please use the other rfb events instead.";
-
 ## Generated for RFB event authentication mechanism selection
 ##
 ## c: The connection record for the underlying transport-layer session/flow.

src/analyzer/protocol/rfb/rfb-analyzer.pac

@@ -1,11 +1,4 @@
 refine flow RFB_Flow += {
-	function proc_rfb_message(msg: RFB_PDU): bool
-		%{
-		if ( rfb_event )
-			BifEvent::generate_rfb_event(connection()->bro_analyzer(), connection()->bro_analyzer()->Conn());
-		return true;
-		%}
-
 	function proc_rfb_version(client: bool, major: bytestring, minor: bytestring) : bool
 		%{
 		if (client)
@@ -371,7 +364,3 @@ refine connection RFB_Conn += {
 		return true;
 		%}
 };
-
-refine typeattr RFB_PDU += &let {
-	proc: bool = $context.flow.proc_rfb_message(this);
-};

src/event.bif

@@ -48,9 +48,6 @@
 ##
 event zeek_init%(%);
 
-## Deprecated synonym for :zeek:see:`zeek_init`.
-event bro_init%(%) &deprecated="Remove in v3.1: use zeek_init";
-
 ## Generated at Zeek termination time. The event engine generates this event when
 ## Zeek is about to terminate, either due to having exhausted reading its input
 ## trace file(s), receiving a termination signal, or because Zeek was run without
@@ -64,9 +61,6 @@ event bro_init%(%) &deprecated="Remove in v3.1: use zeek_init";
 ##    is not generated.
 event zeek_done%(%);
 
-## Deprecated synonym for :zeek:see:`zeek_done`.
-event bro_done%(%) &deprecated="Remove in v3.1: use zeek_done";
-
 ## Generated for every new connection. This event is raised with the first
 ## packet of a previously unknown connection. Zeek uses a flow-based definition
 ## of "connection" here that includes not only TCP sessions but also UDP and
@@ -666,9 +660,6 @@ event reporter_error%(t: time, msg: string, location: string%) &error_handler;
 ##        recursively for each ``@load``.
 event zeek_script_loaded%(path: string, level: count%);
 
-## Deprecated synonym for :zeek:see:`zeek_script_loaded`.
-event bro_script_loaded%(path: string, level: count%) &deprecated="Remove in v3.1: use zeek_script_loaded";
-
 ## Generated each time Zeek's script interpreter opens a file. This event is
 ## triggered only for files opened via :zeek:id:`open`, and in particular not for
 ## normal log files as created by log writers.

src/main.cc

@@ -83,7 +83,6 @@ int perftools_profile = 0;
 DNS_Mgr* dns_mgr;
 TimerMgr* timer_mgr;
 ValManager* val_mgr = 0;
-PortManager* port_mgr = 0;
 logging::Manager* log_mgr = 0;
 threading::Manager* thread_mgr = 0;
 input::Manager* input_mgr = 0;
@@ -304,7 +303,6 @@ void terminate_bro()
 	delete reporter;
 	delete plugin_mgr;
 	delete val_mgr;
-	delete port_mgr;
 
 	reporter = 0;
 	}
@@ -489,7 +487,6 @@ int main(int argc, char** argv)
 	bro_start_time = current_time(true);
 
 	val_mgr = new ValManager();
-	port_mgr = new PortManager();
 	reporter = new Reporter();
 	thread_mgr = new threading::Manager();
 	plugin_mgr = new plugin::Manager();

src/parse.y

@@ -1164,14 +1164,12 @@ func_hdr:
 			}
 	|	TOK_EVENT event_id func_params opt_attr
 			{
-			// Gracefully handle the deprecation of bro_init, bro_done,
-			// and bro_script_loaded
-			if ( streq("bro_init", $2->Name()) )
-				$2 = global_scope()->Lookup("zeek_init");
-			else if ( streq("bro_done", $2->Name()) )
-				$2 = global_scope()->Lookup("zeek_done");
-			else if ( streq("bro_script_loaded", $2->Name()) )
-				$2 = global_scope()->Lookup("zeek_script_loaded");
+			const char* name = $2->Name();
+			if ( streq("bro_init", name) || streq("bro_done", name) || streq("bro_script_loaded", name) )
+				{
+				auto base = std::string(name).substr(4);
+				reporter->Error(fmt("event %s() is no longer available, use zeek_%s() instead", name, base.c_str()));
+				}
 
 			begin_func($2, current_module.c_str(),
 				   FUNC_FLAVOR_EVENT, 0, $3, $4);

src/plugin/Manager.cc

@@ -189,6 +189,7 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_
 		if ( is_file(init) )
 			{
 			DBG_LOG(DBG_PLUGINS, "  Loading %s", init.c_str());
+			warn_if_legacy_script(init);
 			scripts_to_load.push_back(init);
 			break;
 			}
@@ -202,6 +203,7 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_
 		if ( is_file(init) )
 			{
 			DBG_LOG(DBG_PLUGINS, "  Loading %s", init.c_str());
+			warn_if_legacy_script(init);
 			scripts_to_load.push_back(init);
 			break;
 			}
@@ -214,6 +216,7 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_
 		if ( is_file(init) )
 			{
 			DBG_LOG(DBG_PLUGINS, "  Loading %s", init.c_str());
+			warn_if_legacy_script(init);
 			scripts_to_load.push_back(init);
 			break;
 			}

src/strings.bif

@@ -935,47 +935,6 @@ function safe_shell_quote%(source: string%): string
 	return new StringVal(new BroString(1, dst, j));
 	%}
 
-## Takes a string and escapes characters that would allow execution of
-## commands at the shell level. Must be used before including strings in
-## :zeek:id:`system` or similar calls.  This function is deprecated, use
-## :zeek:see:`safe_shell_quote` as a replacement.  The difference is that
-## :zeek:see:`safe_shell_quote` automatically returns a value that is
-## wrapped in double-quotes, which is required to correctly and fully
-## escape any characters that might be interpreted by the shell.
-##
-## source: The string to escape.
-##
-## Returns: A shell-escaped version of *source*.
-##
-## .. zeek:see:: system safe_shell_quote
-function str_shell_escape%(source: string%): string &deprecated="Remove in v3.1: use safe_shell_quote"
-	%{
-	unsigned j = 0;
-	const u_char* src = source->Bytes();
-	unsigned n = source->Len();
-	byte_vec dst = new u_char[n * 2 + 1];
-
-	for ( unsigned i = 0; i < n; ++i )
-		{
-		switch ( src[i] ) {
-		case '`': case '"': case '\\': case '$':
-
-		// case '|': case '&': case ';': case '(': case ')': case '<':
-		// case '>': case '\'': case '*': case '?': case '[': case ']':
-		// case '!': case '#': case '{': case '}':
-			dst[j++] = '\\';
-			break;
-		default:
-			break;
-		}
-
-		dst[j++] = src[i];
-		}
-
-	dst[j] = '\0';
-	return new StringVal(new BroString(1, dst, j));
-	%}
-
 ## Finds all occurrences of a pattern in a string.
 ##
 ## str: The string to inspect.

src/util.cc

@@ -62,6 +62,36 @@
 #endif
 #endif
 
+static bool starts_with(const std::string_view& s, const std::string& beginning)
+	{
+	if ( beginning.size() > s.size() )
+		return false;
+
+	return std::equal(beginning.begin(), beginning.end(), s.begin());
+	}
+
+TEST_CASE("util starts_with")
+	{
+	CHECK(starts_with("abcde", "ab") == true);
+	CHECK(starts_with("abcde", "de") == false);
+	CHECK(starts_with("abcde", "abcedf") == false);
+	}
+
+static bool ends_with(const std::string_view& s, const std::string& ending)
+	{
+	if ( ending.size() > s.size() )
+		return false;
+
+	return std::equal(ending.rbegin(), ending.rend(), s.rbegin());
+	}
+
+TEST_CASE("util ends_with")
+	{
+	CHECK(ends_with("abcde", "de") == true);
+	CHECK(ends_with("abcde", "fg") == false);
+	CHECK(ends_with("abcde", "abcedf") == false);
+	}
+
 TEST_CASE("util extract_ip")
 	{
 	CHECK(extract_ip("[1.2.3.4]") == "1.2.3.4");
@@ -1249,6 +1279,15 @@ TEST_CASE("util is_package_loader")
 
 const array<string, 2> script_extensions = {".zeek", ".bro"};
 
+void warn_if_legacy_script(const std::string_view& filename)
+	{
+	if ( ends_with(filename, ".bro") )
+		{
+		std::string x(filename);
+		reporter->Warning("Loading script '%s' with legacy extension, support for '.bro' will be removed in Zeek v4.1", x.c_str());
+		}
+	}
+
 bool is_package_loader(const string& path)
 	{
 	string filename(std::move(SafeBasename(path).result));
@@ -1256,7 +1295,10 @@ bool is_package_loader(const string& path)
 	for ( const string& ext : script_extensions )
 		{
 		if ( filename == "__load__" + ext )
+			{
+			warn_if_legacy_script(filename);
 			return true;
+			}
 		}
 
 	return false;
@@ -1294,6 +1336,7 @@ FILE* open_package(string& path, const string& mode)
 		string p = path + ext;
 		if ( can_read(p) )
 			{
+			warn_if_legacy_script(path);
 			path.append(ext);
 			return open_file(path, mode);
 			}
@@ -1648,21 +1691,6 @@ string find_file(const string& filename, const string& path_set,
 	return string();
 	}
 
-static bool ends_with(const std::string& s, const std::string& ending)
-	{
-	if ( ending.size() > s.size() )
-		return false;
-
-	return std::equal(ending.rbegin(), ending.rend(), s.rbegin());
-	}
-
-TEST_CASE("util ends_with")
-	{
-	CHECK(ends_with("abcde", "de") == true);
-	CHECK(ends_with("abcde", "fg") == false);
-	CHECK(ends_with("abcde", "abcedf") == false);
-	}
-
 string find_script_file(const string& filename, const string& path_set)
 	{
 	vector<string> paths;
@@ -1675,11 +1703,16 @@ string find_script_file(const string& filename, const string& path_set)
 		string f = find_file_in_path(filename, paths[n], ext);
 
 		if ( ! f.empty() )
+			{
+			warn_if_legacy_script(f);
 			return f;
+			}
 		}
 
 	if ( ends_with(filename, ".bro") )
 		{
+		warn_if_legacy_script(filename);
+
 		// We were looking for a file explicitly ending in .bro and didn't
 		// find it, so fall back to one ending in .zeek, if it exists.
 		auto fallback = string(filename.data(), filename.size() - 4) + ".zeek";
@@ -2237,7 +2270,12 @@ char* zeekenv(const char* name)
 	if ( it == legacy_vars.end() )
 		return rval;
 
-	return getenv(it->second);
+	auto val = getenv(it->second);
+
+	if ( val && starts_with(it->second, "BRO_") )
+		reporter->Warning("Using legacy environment variable %s, support will be removed in Zeek v4.1; use %s instead", it->second, name);
+
+	return val;
 	}
 
 static string json_escape_byte(char c)

src/util.h

@@ -274,6 +274,9 @@ extern std::string bro_prefixes();
 
 extern const std::array<std::string, 2> script_extensions;
 
+/** Prints a warning if the filename ends in .bro. */
+void warn_if_legacy_script(const std::string_view& filename);
+
 bool is_package_loader(const std::string& path);
 
 extern void add_to_bro_path(const std::string& dir);

src/zeek.bif

@@ -1820,15 +1820,6 @@ function getpid%(%) : count
 extern const char* zeek_version();
 %%}
 
-## Returns the Zeek version string.  This function is deprecated, use
-## :zeek:see:`zeek_version` instead.
-##
-## Returns: Zeek's version, e.g., 2.0-beta-47-debug.
-function bro_version%(%): string &deprecated="Remove in v3.1: use zeek_version"
-	%{
-	return new StringVal(zeek_version());
-	%}
-
 ## Returns the Zeek version string.
 ##
 ## Returns: Zeek's version, e.g., 2.0-beta-47-debug.
@@ -2130,17 +2121,6 @@ function dump_rule_stats%(f: file%): bool
 	return val_mgr->GetBool(1);
 	%}
 
-## Checks if Zeek is terminating.  This function is deprecated, use
-## :zeek:see:`zeek_is_terminating` instead.
-##
-## Returns: True if Zeek is in the process of shutting down.
-##
-## .. zeek:see:: terminate
-function bro_is_terminating%(%): bool &deprecated="Remove in v3.1: use zeek_is_terminating"
-	%{
-	return val_mgr->GetBool(terminating);
-	%}
-
 ## Checks if Zeek is terminating.
 ##
 ## Returns: True if Zeek is in the process of shutting down.

testing/btest/Baseline/bifs.str_shell_escape/out

@@ -1,4 +0,0 @@
-24
-echo ${TEST} > "my file"
-27
-echo \${TEST} > \"my file\"

testing/btest/Baseline/core.load-explicit-bro-suffix-fallback/out

@@ -1 +1,3 @@
+warning in /home/robin/bro/master/testing/btest/.tmp/core.load-explicit-bro-suffix-fallback/load-explicit-bro-suffix-fallback.zeek, line 5: Loading script 'foo.bro' with legacy extension, support for '.bro' will be removed in Zeek v4.1
+warning in /home/robin/bro/master/testing/btest/.tmp/core.load-explicit-bro-suffix-fallback/load-explicit-bro-suffix-fallback.zeek, line 5: Loading script 'foo.bro' with legacy extension, support for '.bro' will be removed in Zeek v4.1
 loaded foo.zeek

testing/btest/Baseline/coverage.bare-mode-errors/errors

@@ -1 +0,0 @@
-warning in /Users/tim/Desktop/projects/zeek/testing/btest/../../scripts//base/utils/json.zeek, line 2: deprecated script loaded from command line arguments ="Remove in 3.1.  to_json is now always available as a built-in function."

testing/btest/Baseline/coverage.init-default/missing_loads

@@ -8,4 +8,3 @@
 -./frameworks/openflow/cluster.zeek
 -./frameworks/packet-filter/cluster.zeek
 -./frameworks/sumstats/cluster.zeek
--./utils/json.zeek

testing/btest/Baseline/language.bro_init/out

@@ -0,0 +1,2 @@
+error in /Users/jsiwek/pro/zeek/zeek/testing/btest/.tmp/language.bro_init/bro_init.zeek, line 5: event bro_init() is no longer available, use zeek_init() instead
+error in /Users/jsiwek/pro/zeek/zeek/testing/btest/.tmp/language.bro_init/bro_init.zeek, line 10: event bro_done() is no longer available, use zeek_done() instead

testing/btest/Baseline/language.bro_script_loaded/out

@@ -0,0 +1 @@
+error in /Users/jsiwek/pro/zeek/zeek/testing/btest/.tmp/language.bro_script_loaded/bro_script_loaded.zeek, line 5: event bro_script_loaded() is no longer available, use zeek_script_loaded() instead

testing/btest/Baseline/language.zeek_init/out

@@ -1,8 +1,6 @@
 zeek_init at priority 10!
-bro_init at priority 5!
 zeek_init at priority 0!
-bro_init at priority -10!
+zeek_init at priority -10!
 zeek_done at priority 10!
-bro_done at priority 5!
 zeek_done at priority 0!
-bro_done at priority -10!
+zeek_done at priority -10!

testing/btest/Baseline/language.zeek_script_loaded/out

@@ -1,4 +1,2 @@
 zeek_script_loaded priority 10
-bro_script_loaded priority 5
 zeek_script_loaded priority 0
-bro_script_loaded priority -10

testing/btest/Baseline/plugins.legacy/output

@@ -1,6 +0,0 @@
-Demo::Foo - A Foo test analyzer (dynamic, version 1.0.0)
-    [Analyzer] Foo (ANALYZER_FOO, enabled)
-    [Event] foo_message
-
-===
-foo_message, [orig_h=::1, orig_p=37927/tcp, resp_h=::1, resp_p=4242/tcp], Hello, Foo!\x0a

testing/btest/bifs/str_shell_escape.zeek

@@ -1,15 +0,0 @@
-#
-# @TEST-EXEC: zeek -b %INPUT >out
-# @TEST-EXEC: btest-diff out
-
-event zeek_init()
-	{
-	local a = "echo ${TEST} > \"my file\"";
-
-	print |a|;
-	print a;
-
-	local b = str_shell_escape(a);
-	print |b|;
-	print b;
-	}

testing/btest/core/load-explicit-bro-suffix-fallback.zeek

@@ -1,5 +1,5 @@
-# @TEST-EXEC: zeek -b %INPUT >out
-# @TEST-EXEC: btest-diff out
+# @TEST-EXEC: zeek -b %INPUT >out 2>&1
+# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out
 
 # We don't have a foo.bro, but we'll accept foo.zeek.
 @load foo.bro

testing/btest/language/bro_init.zeek

@@ -0,0 +1,12 @@
+# @TEST-EXEC-FAIL: zeek -b %INPUT >out 2>&1
+# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out
+
+event bro_init()
+	{
+	print "ran bro_init()";
+	}
+
+event bro_done()
+	{
+	print "ran bro_done()";
+	}

testing/btest/language/bro_script_loaded.zeek

@@ -0,0 +1,8 @@
+# @TEST-EXEC-FAIL: zeek -b %INPUT >out 2>&1
+# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out
+
+event bro_script_loaded(path: string, level: count) &priority=5
+	{
+	if ( /zeek_script_loaded.zeek/ in path )
+		print "bro_script_loaded priority 5";
+	}

testing/btest/language/zeek_init.zeek

@@ -1,36 +1,24 @@
-# @TEST-EXEC: zeek -b %INPUT >out
+# @TEST-EXEC: zeek -b %INPUT >out 2>&1
 # @TEST-EXEC: btest-diff out
 
+event zeek_init() &priority=-10
+	{
+	print "zeek_init at priority -10!";
+	}
 
 event zeek_init() &priority=10
 	{
 	print "zeek_init at priority 10!";
 	}
 
-event bro_init() &priority=5
-	{
-	print "bro_init at priority 5!";
-	}
-
 event zeek_init() &priority=0
 	{
 	print "zeek_init at priority 0!";
 	}
 
-event bro_init() &priority=-10
+event zeek_done() &priority=-10
 	{
-	print "bro_init at priority -10!";
-	}
-
-
-event zeek_done() &priority=10
-	{
-	print "zeek_done at priority 10!";
-	}
-
-event bro_done() &priority=5
-	{
-	print "bro_done at priority 5!";
+	print "zeek_done at priority -10!";
 	}
 
 event zeek_done() &priority=0
@@ -38,7 +26,7 @@ event zeek_done() &priority=0
 	print "zeek_done at priority 0!";
 	}
 
-event bro_done() &priority=-10
+event zeek_done() &priority=10
 	{
-	print "bro_done at priority -10!";
+	print "zeek_done at priority 10!";
 	}

testing/btest/language/zeek_script_loaded.zeek

@@ -1,4 +1,4 @@
-# @TEST-EXEC: zeek -b %INPUT >out
+# @TEST-EXEC: zeek -b %INPUT >out 2>&1
 # @TEST-EXEC: btest-diff out
 
 event zeek_script_loaded(path: string, level: count) &priority=10
@@ -7,20 +7,8 @@ event zeek_script_loaded(path: string, level: count) &priority=10
 		print "zeek_script_loaded priority 10";
 	}
 
-event bro_script_loaded(path: string, level: count) &priority=5
-	{
-	if ( /zeek_script_loaded.zeek/ in path )
-		print "bro_script_loaded priority 5";
-	}
-
 event zeek_script_loaded(path: string, level: count) &priority=0
 	{
 	if ( /zeek_script_loaded.zeek/ in path )
 		print "zeek_script_loaded priority 0";
 	}
-
-event bro_script_loaded(path: string, level: count) &priority=-10
-	{
-	if ( /zeek_script_loaded.zeek/ in path )
-		print "bro_script_loaded priority -10";
-	}

testing/btest/plugins/legacy-plugin/CMakeLists.txt

@@ -1,19 +0,0 @@
-
-project(Zeek-Plugin-Demo-Foo)
-
-cmake_minimum_required(VERSION 2.6.3)
-
-if ( NOT BRO_DIST )
-    message(FATAL_ERROR "BRO_DIST not set")
-endif ()
-
-set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake)
-
-include(BroPlugin)
-
-bro_plugin_begin(Demo Foo)
-bro_plugin_cc(src/Plugin.cc)
-bro_plugin_cc(src/Foo.cc)
-bro_plugin_bif(src/events.bif)
-bro_plugin_pac(src/foo.pac src/foo-protocol.pac src/foo-analyzer.pac)
-bro_plugin_end()

testing/btest/plugins/legacy-plugin/scripts/Demo/Foo/base/main.zeek

@@ -1,7 +0,0 @@
-
-const ports = { 4242/tcp };
-
-event zeek_init() &priority=5
-	{
-	Analyzer::register_for_ports(Analyzer::ANALYZER_FOO, ports);
-	}

testing/btest/plugins/legacy-plugin/scripts/__load__.zeek

@@ -1 +0,0 @@
-@load Demo/Foo/base/main

testing/btest/plugins/legacy-plugin/src/Foo.cc

@@ -1,59 +0,0 @@
-
-#include "Foo.h"
-#include "foo_pac.h"
-#include "events.bif.h"
-
-#include <analyzer/protocol/tcp/TCP_Reassembler.h>
-
-using namespace plugin::Demo_Foo;
-
-Foo::Foo(Connection* conn)
-    : analyzer::tcp::TCP_ApplicationAnalyzer("Foo", conn)
-	{
-	interp = new binpac::Foo::Foo_Conn(this);
-	}
-
-Foo::~Foo()
-	{
-	delete interp;
-	}
-
-void Foo::Done()
-	{
-	analyzer::tcp::TCP_ApplicationAnalyzer::Done();
-
-	interp->FlowEOF(true);
-	interp->FlowEOF(false);
-	}
-
-void Foo::EndpointEOF(bool is_orig)
-	{
-	analyzer::tcp::TCP_ApplicationAnalyzer::EndpointEOF(is_orig);
-	interp->FlowEOF(is_orig);
-	}
-
-void Foo::DeliverStream(int len, const u_char* data, bool orig)
-	{
-	analyzer::tcp::TCP_ApplicationAnalyzer::DeliverStream(len, data, orig);
-
-	assert(TCP());
-
-	if ( TCP()->IsPartial() )
-		// punt on partial.
-		return;
-
-	try
-		{
-		interp->NewData(orig, data, data + len);
-		}
-	catch ( const binpac::Exception& e )
-		{
-		ProtocolViolation(fmt("Binpac exception: %s", e.c_msg()));
-		}
-	}
-
-void Foo::Undelivered(uint64 seq, int len, bool orig)
-	{
-	analyzer::tcp::TCP_ApplicationAnalyzer::Undelivered(seq, len, orig);
-	interp->NewGap(orig, len);
-	}

testing/btest/plugins/legacy-plugin/src/Foo.h

@@ -1,29 +0,0 @@
-
-#pragma once
-
-#include "analyzer/protocol/tcp/TCP.h"
-#include "analyzer/protocol/pia/PIA.h"
-
-namespace binpac  { namespace Foo { class Foo_Conn; } }
-
-namespace plugin {
-namespace Demo_Foo {
-
-class Foo : public analyzer::tcp::TCP_ApplicationAnalyzer {
-public:
-	Foo(Connection* conn);
-	~Foo();
-
-	virtual void Done();
-	virtual void DeliverStream(int len, const u_char* data, bool orig);
-	virtual void Undelivered(uint64 seq, int len, bool orig);
-	virtual void EndpointEOF(bool is_orig);
-
-	static analyzer::Analyzer* Instantiate(Connection* conn)
-		{ return new Foo(conn); }
-
-protected:
-	binpac::Foo::Foo_Conn* interp;
-};
-
-} }

testing/btest/plugins/legacy-plugin/src/Plugin.cc

@@ -1,21 +0,0 @@
-
-#include "Plugin.h"
-
-#include "Foo.h"
-
-namespace plugin { namespace Demo_Foo { Plugin plugin; } }
-
-using namespace plugin::Demo_Foo;
-
-plugin::Configuration Plugin::Configure()
-	{
-	AddComponent(new ::analyzer::Component("Foo", plugin::Demo_Foo::Foo::Instantiate));
-
-	plugin::Configuration config;
-	config.name = "Demo::Foo";
-	config.description = "A Foo test analyzer";
-	config.version.major = 1;
-	config.version.minor = 0;
-	config.version.patch = 0;
-	return config;
-	}

testing/btest/plugins/legacy-plugin/src/events.bif

@@ -1,2 +0,0 @@
-
-event foo_message%(c: connection, data: string%);

testing/btest/plugins/legacy-plugin/src/foo-analyzer.pac

@@ -1,15 +0,0 @@
-
-refine connection Foo_Conn += {
-
-	function Foo_data(msg: Foo_Message): bool
-		%{
-		StringVal* data = new StringVal(${msg.data}.length(), (const char*) ${msg.data}.data());
-		BifEvent::generate_foo_message(bro_analyzer(), bro_analyzer()->Conn(), data);
-		return true;
-		%}
-
-};
-
-refine typeattr Foo_Message += &let {
-	proc: bool = $context.connection.Foo_data(this);
-};

testing/btest/plugins/legacy-plugin/src/foo-protocol.pac

@@ -1,4 +0,0 @@
-
-type Foo_Message(is_orig: bool) = record {
-	data: bytestring &restofdata;
-};

testing/btest/plugins/legacy-plugin/src/foo.pac

@@ -1,26 +0,0 @@
-%include binpac.pac
-%include bro.pac
-
-%extern{
-#include "Foo.h"
-
-#include "events.bif.h"
-%}
-
-analyzer Foo withcontext {
-    connection: Foo_Conn;
-    flow:       Foo_Flow;
-};
-
-connection Foo_Conn(bro_analyzer: BroAnalyzer) {
-    upflow   = Foo_Flow(true);
-    downflow = Foo_Flow(false);
-};
-
-%include foo-protocol.pac
-
-flow Foo_Flow(is_orig: bool) {
-	datagram = Foo_Message(is_orig) withcontext(connection, this);
-};
-
-%include foo-analyzer.pac

testing/btest/plugins/legacy.zeek

@@ -1,14 +0,0 @@
-# Test that legacy Bro plugins still work.
-# @TEST-EXEC: ${DIST}/aux/zeek-aux/plugin-support/init-plugin -u . Demo Foo
-# @TEST-EXEC: cp -r %DIR/legacy-plugin/* .
-# @TEST-EXEC: ./configure --bro-dist=${DIST} && make
-# @TEST-EXEC: unset ZEEK_PLUGIN_PATH; BRO_PLUGIN_PATH=`pwd` zeek -NN Demo::Foo >>output
-# @TEST-EXEC: echo === >>output
-# @TEST-EXEC: unset ZEEK_PLUGIN_PATH; BRO_PLUGIN_PATH=`pwd` zeek -r $TRACES/port4242.trace %INPUT >>output
-# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff output
-
-event foo_message(c: connection, data: string)
-	{
-	print "foo_message", c$id, data;
-	}
-

zeek-wrapper.in

@@ -1,14 +1,13 @@
 #! /usr/bin/env bash
 #
-# Wrapper to continue supporting old names of executables.
-# This will print a deprecation warning to stderr if (1) stdin/stdout/stderr
-# are all connected to a tty, and (2) the environment variable ZEEK_IS_BRO
-# is unset.
+# Wrapper to continue reporting usage of old names of executables.
+# This will print an error to stderr if stdin/stdout/stderr
+# are all connected to a tty. It will then abort with an error
+# exit code.
 
 function deprecated {
 cat >&2 <<EOF
-Warning: Use of '$1' is deprecated. It is linked to a wrapper that
-         will be removed in the future. Please use '$2' instead.
+Error: Use of '$1' is no longer supported. Please use '$2' instead.
 
 EOF
 }
@@ -27,6 +26,6 @@ if [ ! -f "${base}/${new}" ]; then
     exit 1
 fi
 
-test -t 0 && test -t 1 && test -t 2 && test -z "${ZEEK_IS_BRO}" && deprecated "${old}" "${new}"
+test -t 0 && test -t 1 && test -t 2 && deprecated "${old}" "${new}"
 
-"${base}/${new}" "$@"
+exit 1