Move all base analyzer classes to zeek::analyzer namespace

src/file_analysis/File.cc

@@ -81,7 +81,7 @@ void File::StaticInit()
 	}
 
 File::File(const std::string& file_id, const std::string& source_name, Connection* conn,
-           analyzer::Tag tag, bool is_orig)
+           zeek::analyzer::Tag tag, bool is_orig)
 	: id(file_id), val(nullptr), file_reassembler(nullptr), stream_offset(0),
 	  reassembly_max_buffer(0), did_metadata_inference(false),
 	  reassembly_enabled(false), postpone_timeout(false), done(false),

src/file_analysis/File.h

@@ -254,7 +254,7 @@ protected:
 	 *        direction.
 	 */
 	File(const std::string& file_id, const std::string& source_name, Connection* conn = nullptr,
-	     analyzer::Tag tag = analyzer::Tag::Error, bool is_orig = false);
+	     zeek::analyzer::Tag tag = zeek::analyzer::Tag::Error, bool is_orig = false);
 
 	/**
 	 * Updates the "conn_ids" and "conn_uids" fields in #val record with the

src/file_analysis/Manager.cc

@@ -91,7 +91,7 @@ void Manager::SetHandle(const string& handle)
 	}
 
 string Manager::DataIn(const u_char* data, uint64_t len, uint64_t offset,
-                       const analyzer::Tag& tag, Connection* conn, bool is_orig,
+                       const zeek::analyzer::Tag& tag, Connection* conn, bool is_orig,
                        const string& precomputed_id, const string& mime_type)
 	{
 	string id = precomputed_id.empty() ? GetFileID(tag, conn, is_orig) : precomputed_id;
@@ -120,7 +120,7 @@ string Manager::DataIn(const u_char* data, uint64_t len, uint64_t offset,
 	return id;
 	}
 
-string Manager::DataIn(const u_char* data, uint64_t len, const analyzer::Tag& tag,
+string Manager::DataIn(const u_char* data, uint64_t len, const zeek::analyzer::Tag& tag,
 		       Connection* conn, bool is_orig, const string& precomputed_id,
 		       const string& mime_type)
 	{
@@ -149,7 +149,7 @@ string Manager::DataIn(const u_char* data, uint64_t len, const analyzer::Tag& ta
 void Manager::DataIn(const u_char* data, uint64_t len, const string& file_id,
                      const string& source)
 	{
-	File* file = GetFile(file_id, nullptr, analyzer::Tag::Error, false, false,
+	File* file = GetFile(file_id, nullptr, zeek::analyzer::Tag::Error, false, false,
 	                     source.c_str());
 
 	if ( ! file )
@@ -161,13 +161,13 @@ void Manager::DataIn(const u_char* data, uint64_t len, const string& file_id,
 		RemoveFile(file->GetID());
 	}
 
-void Manager::EndOfFile(const analyzer::Tag& tag, Connection* conn)
+void Manager::EndOfFile(const zeek::analyzer::Tag& tag, Connection* conn)
 	{
 	EndOfFile(tag, conn, true);
 	EndOfFile(tag, conn, false);
 	}
 
-void Manager::EndOfFile(const analyzer::Tag& tag, Connection* conn, bool is_orig)
+void Manager::EndOfFile(const zeek::analyzer::Tag& tag, Connection* conn, bool is_orig)
 	{
 	// Don't need to create a file if we're just going to remove it right away.
 	RemoveFile(GetFileID(tag, conn, is_orig));
@@ -178,7 +178,7 @@ void Manager::EndOfFile(const string& file_id)
 	RemoveFile(file_id);
 	}
 
-string Manager::Gap(uint64_t offset, uint64_t len, const analyzer::Tag& tag,
+string Manager::Gap(uint64_t offset, uint64_t len, const zeek::analyzer::Tag& tag,
                     Connection* conn, bool is_orig, const string& precomputed_id)
 	{
 	string id = precomputed_id.empty() ? GetFileID(tag, conn, is_orig) : precomputed_id;
@@ -191,7 +191,7 @@ string Manager::Gap(uint64_t offset, uint64_t len, const analyzer::Tag& tag,
 	return id;
 	}
 
-string Manager::SetSize(uint64_t size, const analyzer::Tag& tag, Connection* conn,
+string Manager::SetSize(uint64_t size, const zeek::analyzer::Tag& tag, Connection* conn,
                         bool is_orig, const string& precomputed_id)
 	{
 	string id = precomputed_id.empty() ? GetFileID(tag, conn, is_orig) : precomputed_id;
@@ -304,7 +304,7 @@ bool Manager::RemoveAnalyzer(const string& file_id, const file_analysis::Tag& ta
 	}
 
 File* Manager::GetFile(const string& file_id, Connection* conn,
-                       const analyzer::Tag& tag, bool is_orig, bool update_conn,
+                       const zeek::analyzer::Tag& tag, bool is_orig, bool update_conn,
                        const char* source_name)
 	{
 	if ( file_id.empty() )
@@ -319,7 +319,7 @@ File* Manager::GetFile(const string& file_id, Connection* conn,
 		{
 		rval = new File(file_id,
 		                source_name ? source_name
-		                            : analyzer_mgr->GetComponentName(tag),
+		                            : zeek::analyzer_mgr->GetComponentName(tag),
 		                conn, tag, is_orig);
 		id_map[file_id] = rval;
 
@@ -420,7 +420,7 @@ bool Manager::IsIgnored(const string& file_id)
 	return ignored.find(file_id) != ignored.end();
 	}
 
-string Manager::GetFileID(const analyzer::Tag& tag, Connection* c, bool is_orig)
+string Manager::GetFileID(const zeek::analyzer::Tag& tag, Connection* c, bool is_orig)
 	{
 	current_file_id.clear();
 
@@ -431,7 +431,7 @@ string Manager::GetFileID(const analyzer::Tag& tag, Connection* c, bool is_orig)
 		return "";
 
 	DBG_LOG(DBG_FILE_ANALYSIS, "Raise get_file_handle() for protocol analyzer %s",
-		analyzer_mgr->GetComponentName(tag).c_str());
+	        zeek::analyzer_mgr->GetComponentName(tag).c_str());
 
 	const auto& tagval = tag.AsVal();
 
@@ -440,7 +440,7 @@ string Manager::GetFileID(const analyzer::Tag& tag, Connection* c, bool is_orig)
 	return current_file_id;
 	}
 
-bool Manager::IsDisabled(const analyzer::Tag& tag)
+bool Manager::IsDisabled(const zeek::analyzer::Tag& tag)
 	{
 	if ( ! disabled )
 		disabled = zeek::id::find_const("Files::disable")->AsTableVal();

src/file_analysis/Manager.h

@@ -16,11 +16,8 @@
 
 ZEEK_FORWARD_DECLARE_NAMESPACED(TableVal, zeek);
 ZEEK_FORWARD_DECLARE_NAMESPACED(VectorVal, zeek);
-
-namespace analyzer {
-class Analyzer;
-class Tag;
-}
+ZEEK_FORWARD_DECLARE_NAMESPACED(Analyzer, zeek, analyzer);
+ZEEK_FORWARD_DECLARE_NAMESPACED(Tag, zeek, analyzer);
 
 namespace file_analysis {
 
@@ -107,7 +104,7 @@ public:
 	 *         indicates the associate file is not going to be analyzed further.
 	 */
 	std::string DataIn(const u_char* data, uint64_t len, uint64_t offset,
-	                   const analyzer::Tag& tag, Connection* conn, bool is_orig,
+	                   const zeek::analyzer::Tag& tag, Connection* conn, bool is_orig,
 	                   const std::string& precomputed_file_id = "",
 	                   const std::string& mime_type = "");
 
@@ -133,7 +130,7 @@ public:
 	 *         the \c get_file_handle script-layer event).  An empty string
 	 *         indicates the associated file is not going to be analyzed further.
 	 */
-	std::string DataIn(const u_char* data, uint64_t len, const analyzer::Tag& tag,
+	std::string DataIn(const u_char* data, uint64_t len, const zeek::analyzer::Tag& tag,
 	                   Connection* conn, bool is_orig,
 	                   const std::string& precomputed_file_id = "",
 	                   const std::string& mime_type = "");
@@ -156,7 +153,7 @@ public:
 	 * @param tag network protocol over which the file data is transferred.
 	 * @param conn network connection over which the file data is transferred.
 	 */
-	void EndOfFile(const analyzer::Tag& tag, Connection* conn);
+	void EndOfFile(const zeek::analyzer::Tag& tag, Connection* conn);
 
 	/**
 	 * Signal the end of file data being transferred over a connection in
@@ -164,7 +161,7 @@ public:
 	 * @param tag network protocol over which the file data is transferred.
 	 * @param conn network connection over which the file data is transferred.
 	 */
-	void EndOfFile(const analyzer::Tag& tag, Connection* conn, bool is_orig);
+	void EndOfFile(const zeek::analyzer::Tag& tag, Connection* conn, bool is_orig);
 
 	/**
 	 * Signal the end of file data being transferred using the file identifier.
@@ -188,7 +185,7 @@ public:
 	 *         the \c get_file_handle script-layer event).  An empty string
 	 *         indicates the associate file is not going to be analyzed further.
 	 */
-	std::string Gap(uint64_t offset, uint64_t len, const analyzer::Tag& tag,
+	std::string Gap(uint64_t offset, uint64_t len, const zeek::analyzer::Tag& tag,
 	                Connection* conn, bool is_orig,
 	                const std::string& precomputed_file_id = "");
 
@@ -207,7 +204,7 @@ public:
 	 *         the \c get_file_handle script-layer event).  An empty string
 	 *         indicates the associate file is not going to be analyzed further.
 	 */
-	std::string SetSize(uint64_t size, const analyzer::Tag& tag, Connection* conn,
+	std::string SetSize(uint64_t size, const zeek::analyzer::Tag& tag, Connection* conn,
 	                    bool is_orig, const std::string& precomputed_file_id = "");
 
 	/**
@@ -372,7 +369,7 @@ protected:
 	 *         connection-related fields.
 	 */
 	File* GetFile(const std::string& file_id, Connection* conn = nullptr,
-	              const analyzer::Tag& tag = analyzer::Tag::Error,
+	              const zeek::analyzer::Tag& tag = zeek::analyzer::Tag::Error,
 	              bool is_orig = false, bool update_conn = true,
 	              const char* source_name = nullptr);
 
@@ -403,7 +400,7 @@ protected:
 	 * @return #current_file_id, which is a hash of a unique file handle string
 	 *         set by a \c get_file_handle event handler.
 	 */
-	std::string GetFileID(const analyzer::Tag& tag, Connection* c, bool is_orig);
+	std::string GetFileID(const zeek::analyzer::Tag& tag, Connection* c, bool is_orig);
 
 	/**
 	 * Check if analysis is available for files transferred over a given
@@ -413,7 +410,7 @@ protected:
 	 * @return whether file analysis is disabled for the analyzer given by
 	 *         \a tag.
 	 */
-	static bool IsDisabled(const analyzer::Tag& tag);
+	static bool IsDisabled(const zeek::analyzer::Tag& tag);
 
 private:
 	typedef std::set<Tag> TagSet;