diff --git a/src/file_analysis/analyzer/data_event/Plugin.cc b/src/file_analysis/analyzer/data_event/Plugin.cc index 7eb637f3a5..c2812a9af9 100644 --- a/src/file_analysis/analyzer/data_event/Plugin.cc +++ b/src/file_analysis/analyzer/data_event/Plugin.cc @@ -1,26 +1,8 @@ #include "plugin/Plugin.h" -#include "file_analysis/Component.h" #include "DataEvent.h" -namespace plugin { namespace Bro_FileDataEvent { - -class Plugin : public plugin::Plugin { -protected: - void InitPreScript() - { - SetName("Bro::FileDataEvent"); - SetVersion(-1); - SetAPIVersion(BRO_PLUGIN_API_VERSION); - SetDynamicPlugin(false); - - SetDescription("Delivers file content via events"); - - AddComponent(new ::file_analysis::Component("DATA_EVENT", - ::file_analysis::DataEvent::Instantiate)); - } -}; - -Plugin __plugin; - -} } +BRO_PLUGIN_BEGIN(Bro, FileDataEvent) + BRO_PLUGIN_DESCRIPTION("Delivers file content via events"); + BRO_PLUGIN_FILE_ANALYZER("DATA_EVENT", DataEvent); +BRO_PLUGIN_END diff --git a/src/file_analysis/analyzer/extract/Plugin.cc b/src/file_analysis/analyzer/extract/Plugin.cc index 39a8fad95f..599301188e 100644 --- a/src/file_analysis/analyzer/extract/Plugin.cc +++ b/src/file_analysis/analyzer/extract/Plugin.cc @@ -1,31 +1,10 @@ #include "plugin/Plugin.h" -#include "file_analysis/Component.h" #include "Extract.h" -namespace plugin { namespace Bro_FileExtract { - -class Plugin : public plugin::Plugin { -protected: - void InitPreScript() - { - SetName("Bro::FileExtract"); - SetVersion(-1); - SetAPIVersion(BRO_PLUGIN_API_VERSION); - SetDynamicPlugin(false); - - SetDescription("Extract file content to local file system"); - - AddComponent(new ::file_analysis::Component("EXTRACT", - ::file_analysis::Extract::Instantiate)); - - extern std::list > __bif_events_init(); - AddBifInitFunction(&__bif_events_init); - extern std::list > __bif_functions_init(); - AddBifInitFunction(&__bif_functions_init); - } -}; - -Plugin __plugin; - -} } +BRO_PLUGIN_BEGIN(Bro, FileExtract) + BRO_PLUGIN_DESCRIPTION("Extract file content to local file system"); + BRO_PLUGIN_FILE_ANALYZER("EXTRACT", Extract); + BRO_PLUGIN_BIF_FILE(events); + BRO_PLUGIN_BIF_FILE(functions); +BRO_PLUGIN_END diff --git a/src/file_analysis/analyzer/hash/Plugin.cc b/src/file_analysis/analyzer/hash/Plugin.cc index 1a7254105e..29453c0bfb 100644 --- a/src/file_analysis/analyzer/hash/Plugin.cc +++ b/src/file_analysis/analyzer/hash/Plugin.cc @@ -1,33 +1,11 @@ #include "plugin/Plugin.h" -#include "file_analysis/Component.h" #include "Hash.h" -namespace plugin { namespace Bro_FileHash { - -class Plugin : public plugin::Plugin { -protected: - void InitPreScript() - { - SetName("Bro::FileHash"); - SetVersion(-1); - SetAPIVersion(BRO_PLUGIN_API_VERSION); - SetDynamicPlugin(false); - - SetDescription("Hash file content"); - - AddComponent(new ::file_analysis::Component("MD5", - ::file_analysis::MD5::Instantiate)); - AddComponent(new ::file_analysis::Component("SHA1", - ::file_analysis::SHA1::Instantiate)); - AddComponent(new ::file_analysis::Component("SHA256", - ::file_analysis::SHA256::Instantiate)); - - extern std::list > __bif_events_init(); - AddBifInitFunction(&__bif_events_init); - } -}; - -Plugin __plugin; - -} } +BRO_PLUGIN_BEGIN(Bro, FileHash) + BRO_PLUGIN_DESCRIPTION("Hash file content"); + BRO_PLUGIN_FILE_ANALYZER("MD5", MD5); + BRO_PLUGIN_FILE_ANALYZER("SHA1", SHA1); + BRO_PLUGIN_FILE_ANALYZER("SHA256", SHA256); + BRO_PLUGIN_BIF_FILE(events); +BRO_PLUGIN_END diff --git a/src/file_analysis/analyzer/unified2/Plugin.cc b/src/file_analysis/analyzer/unified2/Plugin.cc index 130ed89ce9..e94168eae1 100644 --- a/src/file_analysis/analyzer/unified2/Plugin.cc +++ b/src/file_analysis/analyzer/unified2/Plugin.cc @@ -2,34 +2,11 @@ #include "plugin/Plugin.h" -#include "file_analysis/Component.h" - #include "Unified2.h" -namespace plugin { namespace Bro_Unified2 { - -class Plugin : public plugin::Plugin { -protected: - void InitPreScript() - { - SetName("Bro::Unified2"); - SetVersion(-1); - SetAPIVersion(BRO_PLUGIN_API_VERSION); - SetDynamicPlugin(false); - - SetDescription("Analyze Unified2 alert files."); - - AddComponent(new ::file_analysis::Component("UNIFIED2", - ::file_analysis::Unified2::Instantiate)); - - extern std::list > __bif_events_init(); - AddBifInitFunction(&__bif_events_init); - - extern std::list > __bif_types_init(); - AddBifInitFunction(&__bif_types_init); - } -}; - -Plugin __plugin; - -} } +BRO_PLUGIN_BEGIN(Bro, Unified2) + BRO_PLUGIN_DESCRIPTION("Analyze Unified2 alert files."); + BRO_PLUGIN_FILE_ANALYZER("UNIFIED2", Unified2); + BRO_PLUGIN_BIF_FILE(events); + BRO_PLUGIN_BIF_FILE(types); +BRO_PLUGIN_END diff --git a/src/plugin/Macros.h b/src/plugin/Macros.h index f5c1a41cfa..9362642e91 100644 --- a/src/plugin/Macros.h +++ b/src/plugin/Macros.h @@ -9,6 +9,7 @@ #define PLUGIN_MACROS_H #include "analyzer/Component.h" +#include "file_analysis/Component.h" /** * The current plugin API version. Plugins that won't match this version will @@ -91,6 +92,19 @@ #define BRO_PLUGIN_ANALYZER(tag, cls) \ AddComponent(new ::analyzer::Component(tag, ::analyzer::cls::InstantiateAnalyzer)); +/** + * Defines a component implementing a file analyzer. + * + * @param tag A string with the analyzer's tag. This must be unique across + * all loaded analyzers and will translate into a corresponding \c ANALYZER_* + * constant at the script-layer. + * + * @param cls The class that implements the analyzer. It must be derived + * (directly or indirectly) from file_analysis::Analyzer. + */ +#define BRO_PLUGIN_FILE_ANALYZER(tag, cls) \ + AddComponent(new ::file_analysis::Component(tag, ::file_analysis::cls::Instantiate)); + /** * Defines a component implementing a protocol analyzer class that will * not be instantiated dynamically. This is for two use-cases: (1) abstract