GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev.

This also installs symlinks from "zeek" and "bro-config" to a wrapper
script that prints a deprecation warning.

The btests pass, but this is still WIP. broctl renaming is still
missing.

#239

testing/btest/scripts/base/protocols/http/100-continue.zeek

@@ -3,7 +3,7 @@
 # a given request.  The http scripts should also be able log such replies
 # in a way that correlates the final response with the request.
 #
-# @TEST-EXEC: bro -r $TRACES/http/100-continue.trace %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/100-continue.trace %INPUT
 # @TEST-EXEC: test ! -f weird.log
 # @TEST-EXEC: btest-diff http.log
 

testing/btest/scripts/base/protocols/http/101-switching-protocols.zeek

@@ -1,7 +1,7 @@
 # This tests that the HTTP analyzer does not generate a dpd error as a
 # result of seeing an upgraded connection.
 #
-# @TEST-EXEC: bro -r $TRACES/http/websocket.pcap %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/websocket.pcap %INPUT
 # @TEST-EXEC: test ! -f dpd.log
 # @TEST-EXEC: test ! -f weird.log
 # @TEST-EXEC: btest-diff http.log

testing/btest/scripts/base/protocols/http/content-range-gap-skip.zeek

@@ -1,4 +1,4 @@
-# @TEST-EXEC: bro -r $TRACES/http/content-range-gap-skip.trace %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/content-range-gap-skip.trace %INPUT
 
 # In this trace, we should be able to determine that a gap lies
 # entirely within the body of an entity that specifies Content-Range,

testing/btest/scripts/base/protocols/http/content-range-gap.zeek

@@ -1,4 +1,4 @@
-# @TEST-EXEC: bro -r $TRACES/http/content-range-gap.trace %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/content-range-gap.trace %INPUT
 # @TEST-EXEC: btest-diff extract_files/thefile
 
 event file_new(f: fa_file)

testing/btest/scripts/base/protocols/http/content-range-less-than-len.zeek

@@ -1,3 +1,3 @@
-# @TEST-EXEC: bro -r $TRACES/http/content-range-less-than-len.pcap
+# @TEST-EXEC: zeek -r $TRACES/http/content-range-less-than-len.pcap
 # @TEST-EXEC: btest-diff http.log
 # @TEST-EXEC: btest-diff weird.log

testing/btest/scripts/base/protocols/http/entity-gap.zeek

@@ -1,4 +1,4 @@
-# @TEST-EXEC: bro -r $TRACES/http/entity_gap.trace %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/entity_gap.trace %INPUT
 # @TEST-EXEC: btest-diff entity_data
 # @TEST-EXEC: btest-diff extract_files/file0
 

testing/btest/scripts/base/protocols/http/entity-gap2.zeek

@@ -1,4 +1,4 @@
-# @TEST-EXEC: bro -r $TRACES/http/entity_gap2.trace %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/entity_gap2.trace %INPUT
 # @TEST-EXEC: btest-diff entity_data
 # @TEST-EXEC: btest-diff extract_files/file0
 

testing/btest/scripts/base/protocols/http/fake-content-length.zeek

@@ -1,2 +1,2 @@
-# @TEST-EXEC: bro -r $TRACES/http/fake-content-length.pcap
+# @TEST-EXEC: zeek -r $TRACES/http/fake-content-length.pcap
 # @TEST-EXEC: btest-diff http.log

testing/btest/scripts/base/protocols/http/http-bad-request-with-version.zeek

@@ -1,4 +1,4 @@
-# @TEST-EXEC: bro -Cr $TRACES/http/http-bad-request-with-version.trace %INPUT
+# @TEST-EXEC: zeek -Cr $TRACES/http/http-bad-request-with-version.trace %INPUT
 # @TEST-EXEC: btest-diff http.log
 # @TEST-EXEC: btest-diff weird.log
 

testing/btest/scripts/base/protocols/http/http-connect-with-header.zeek

@@ -1,7 +1,7 @@
 # This tests that the HTTP analyzer handles HTTP CONNECT proxying correctly
 # when the server include a header line into its response.
 #
-# @TEST-EXEC: bro -C -r $TRACES/http/connect-with-header.trace %INPUT
+# @TEST-EXEC: zeek -C -r $TRACES/http/connect-with-header.trace %INPUT
 # @TEST-EXEC: btest-diff conn.log
 # @TEST-EXEC: btest-diff http.log
 # @TEST-EXEC: btest-diff tunnel.log

testing/btest/scripts/base/protocols/http/http-connect.zeek

@@ -1,6 +1,6 @@
 # This tests that the HTTP analyzer handles HTTP CONNECT proxying correctly.
 #
-# @TEST-EXEC: bro -r $TRACES/http/connect-with-smtp.trace %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/connect-with-smtp.trace %INPUT
 # @TEST-EXEC: btest-diff conn.log
 # @TEST-EXEC: btest-diff http.log
 # @TEST-EXEC: btest-diff smtp.log

testing/btest/scripts/base/protocols/http/http-filename.zeek

@@ -1,6 +1,6 @@
 # This tests that the HTTP analyzer handles filenames over HTTP correctly.
 #
-# @TEST-EXEC: bro -r $TRACES/http/http-filename.pcap %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/http-filename.pcap %INPUT
 # @TEST-EXEC: btest-diff http.log
 
 # The base analysis scripts are loaded by default.

testing/btest/scripts/base/protocols/http/http-header-crlf.zeek

@@ -2,7 +2,7 @@
 # it gets confused whether it's in a header or not; it shouldn't report
 # the http_no_crlf_in_header_list wierd.
 #
-# @TEST-EXEC: bro -r $TRACES/http/byteranges.trace %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/byteranges.trace %INPUT
 # @TEST-EXEC: test ! -f weird.log
 
 # The base analysis scripts are loaded by default.

testing/btest/scripts/base/protocols/http/http-methods.zeek

@@ -1,6 +1,6 @@
 # This tests that the HTTP analyzer handles strange HTTP methods properly.
 #
-# @TEST-EXEC: bro -r $TRACES/http/methods.trace %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/methods.trace %INPUT
 # @TEST-EXEC: btest-diff weird.log
 # @TEST-EXEC: btest-diff http.log
 

testing/btest/scripts/base/protocols/http/http-pipelining.zeek

@@ -1,4 +1,4 @@
-# @TEST-EXEC: bro -r $TRACES/http/pipelined-requests.trace %INPUT > output
+# @TEST-EXEC: zeek -r $TRACES/http/pipelined-requests.trace %INPUT > output
 # @TEST-EXEC: btest-diff http.log
 
 # mime type is irrelevant to this test, so filter it out

testing/btest/scripts/base/protocols/http/missing-zlib-header.zeek

@@ -2,5 +2,5 @@
 # include an appropriate ZLIB header on deflated 
 # content.
 #
-# @TEST-EXEC: bro -r $TRACES/http/missing-zlib-header.pcap %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/missing-zlib-header.pcap %INPUT
 # @TEST-EXEC: btest-diff http.log

testing/btest/scripts/base/protocols/http/multipart-extract.zeek

@@ -1,4 +1,4 @@
-# @TEST-EXEC: bro -C -r $TRACES/http/multipart.trace %INPUT
+# @TEST-EXEC: zeek -C -r $TRACES/http/multipart.trace %INPUT
 # @TEST-EXEC: btest-diff http.log
 # @TEST-EXEC: cat extract_files/http-item-* | sort > extractions
 

testing/btest/scripts/base/protocols/http/multipart-file-limit.zeek

@@ -1,10 +1,10 @@
-# @TEST-EXEC: bro -C -r $TRACES/http/multipart.trace
+# @TEST-EXEC: zeek -C -r $TRACES/http/multipart.trace
 # @TEST-EXEC: btest-diff http.log
-# @TEST-EXEC: bro -C -r $TRACES/http/multipart.trace %INPUT >out-limited
+# @TEST-EXEC: zeek -C -r $TRACES/http/multipart.trace %INPUT >out-limited
 # @TEST-EXEC: mv http.log http-limited.log
 # @TEST-EXEC: btest-diff http-limited.log
 # @TEST-EXEC: btest-diff out-limited
-# @TEST-EXEC: bro -C -r $TRACES/http/multipart.trace %INPUT ignore_http_file_limit=T >out-limit-ignored
+# @TEST-EXEC: zeek -C -r $TRACES/http/multipart.trace %INPUT ignore_http_file_limit=T >out-limit-ignored
 # @TEST-EXEC: mv http.log http-limit-ignored.log
 # @TEST-EXEC: btest-diff http-limit-ignored.log
 # @TEST-EXEC: btest-diff out-limit-ignored

testing/btest/scripts/base/protocols/http/no-uri.zeek

@@ -1,4 +1,4 @@
-# @TEST-EXEC: bro -Cr $TRACES/http/no-uri.pcap %INPUT
+# @TEST-EXEC: zeek -Cr $TRACES/http/no-uri.pcap %INPUT
 # @TEST-EXEC: btest-diff http.log
 # @TEST-EXEC: btest-diff weird.log
 

testing/btest/scripts/base/protocols/http/no-version.zeek

@@ -1,3 +1,3 @@
-# @TEST-EXEC: bro -Cr $TRACES/http/no-version.pcap %INPUT
+# @TEST-EXEC: zeek -Cr $TRACES/http/no-version.pcap %INPUT
 # @TEST-EXEC: btest-diff http.log
 

testing/btest/scripts/base/protocols/http/percent-end-of-line.zeek

@@ -1,4 +1,4 @@
-# @TEST-EXEC: bro -Cr $TRACES/http/percent-end-of-line.pcap %INPUT
+# @TEST-EXEC: zeek -Cr $TRACES/http/percent-end-of-line.pcap %INPUT
 # @TEST-EXEC: btest-diff http.log
 # @TEST-EXEC: btest-diff weird.log
 

testing/btest/scripts/base/protocols/http/x-gzip.zeek

@@ -1,2 +1,2 @@
-# @TEST-EXEC: bro -r $TRACES/http/x-gzip.pcap
+# @TEST-EXEC: zeek -r $TRACES/http/x-gzip.pcap
 # @TEST-EXEC: btest-diff http.log

testing/btest/scripts/base/protocols/http/zero-length-bodies-with-drops.zeek

@@ -3,7 +3,7 @@
 # files when there isn't actually any body there and shouldn't
 # create a file.
 #
-# @TEST-EXEC: bro -r $TRACES/http/zero-length-bodies-with-drops.pcap %INPUT
+# @TEST-EXEC: zeek -r $TRACES/http/zero-length-bodies-with-drops.pcap %INPUT
 
 # There shouldn't be a files log (no files!)
 # @TEST-EXEC: test ! -f files.log