Add hook 'HookAddToAnalyzerTree' to support TCPRS plugin

This commit introduces a new hook, HookAddToAnalyzerTree, which
allows plugins to add a new analyzer to the analyzer tree during
analyzer tree creation. This hook is necessary to support the
TCPRS plugin.

Additionally, the order in which the scripts were loaded has been
changed to address a problem with undefined variable errors due
to load order issues.

Signed-off-by: James Swaro <james.swaro@gmail.com>

src/analyzer/Manager.cc

@@ -505,6 +505,8 @@ bool Manager::BuildInitialAnalyzerTree(Connection* conn)
 	if ( ! analyzed )
 		conn->SetLifetime(non_analyzed_lifetime);
 
+	PLUGIN_HOOK_VOID(HOOK_ADD_TO_ANALYZER_TREE, HookAddToAnalyzerTree(conn));
+
 	return true;
 	}
 

src/plugin/Manager.cc

@@ -183,8 +183,9 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_
 		}
 
 	// Load {bif,scripts}/__load__.bro automatically.
-
+	// Load scripts/__load__.bro first to avoid issue with undefined variables
-	string init = dir + "lib/bif/__load__.bro";
+	//   from the plugin
+	string init = dir + "scripts/__load__.bro";
 
 	if ( is_file(init) )
 		{
@@ -192,7 +193,7 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_
 		scripts_to_load.push_back(init);
 		}
 
-	init = dir + "scripts/__load__.bro";
+	init = dir + "lib/bif/__load__.bro";
 
 	if ( is_file(init) )
 		{
@@ -660,6 +661,33 @@ void Manager::HookDrainEvents() const
 
 	}
 
+void Manager::HookAddToAnalyzerTree(Connection *conn) const
+	{
+	HookArgumentList args;
+
+	if ( HavePluginForHook(META_HOOK_PRE) )
+		{
+		args.push_back(conn);
+		MetaHookPre(HOOK_ADD_TO_ANALYZER_TREE, args);
+		}
+
+	hook_list *l = hooks[HOOK_ADD_TO_ANALYZER_TREE];
+
+	if ( l )
+		{
+		for (hook_list::iterator i = l->begin() ; i != l->end(); ++i)
+			{
+			Plugin *p = (*i).second;
+			p->HookAddToAnalyzerTree(conn);
+			}
+		}
+
+	if ( HavePluginForHook(META_HOOK_POST) )
+		{
+		MetaHookPost(HOOK_ADD_TO_ANALYZER_TREE, args, HookArgument());
+		}
+	}
+
 void Manager::HookUpdateNetworkTime(double network_time) const
 	{
 	HookArgumentList args;

src/plugin/Manager.h

@@ -264,6 +264,8 @@ public:
 	 */
 	void HookUpdateNetworkTime(double network_time) const;
 
+	void HookAddToAnalyzerTree(Connection *conn) const;
+
 	/**
 	 * Hook that informs plugins that the event queue is being drained.
 	 */

src/plugin/Plugin.cc

@@ -23,6 +23,7 @@ const char* plugin::hook_name(HookType h)
 		"DrainEvents",
 		"UpdateNetworkTime",
 		"BroObjDtor",
+		"AddToAnalyzerTree",
 		// MetaHooks
 		"MetaHookPre",
 		"MetaHookPost",
@@ -310,6 +311,10 @@ void Plugin::HookUpdateNetworkTime(double network_time)
 	{
 	}
 
+void Plugin::HookAddToAnalyzerTree(Connection *conn)
+	{
+	}
+
 void Plugin::HookBroObjDtor(void* obj)
 	{
 	}

src/plugin/Plugin.h

@@ -39,6 +39,7 @@ enum HookType {
 	HOOK_DRAIN_EVENTS,		//< Activates Plugin::HookDrainEvents()
 	HOOK_UPDATE_NETWORK_TIME,	//< Activates Plugin::HookUpdateNetworkTime.
 	HOOK_BRO_OBJ_DTOR,		//< Activates Plugin::HookBroObjDtor.
+	HOOK_ADD_TO_ANALYZER_TREE, // Activates Plugin::HookAddToAnalyzerTree
 
 	// Meta hooks.
 	META_HOOK_PRE,			//< Activates Plugin::MetaHookPre().
@@ -636,6 +637,8 @@ protected:
 	 */
 	virtual void HookUpdateNetworkTime(double network_time);
 
+	virtual void HookAddToAnalyzerTree(Connection *conn);
+
 	/**
 	 * Hook for destruction of objects registered with
 	 * RequestBroObjDtor(). When Bro's reference counting triggers the