Merge remote-tracking branch 'origin/master'

CHANGES

@@ -1,4 +1,47 @@
 
+2.6-494 | 2019-06-20 20:24:38 -0700
+
+  * Renaming src/StateAccess.{h,cc} to src/Notifier.{h,cc}.
+
+    The old names did not reflect the content of the files anymore. (Robin Sommer, Corelight)
+
+  * Remove MutableVal, StateAccess classes, enum Opcode. (Robin Sommer, Corelight)
+
+  * Redo API for notifiers.
+
+    There's now an notifier::Modifiable interface class that class
+    supposed to signal modifications are to be derived from. This takes
+    the place of the former MutableValue class and also unifies how Val
+    and IDs signal modifications. (Robin Sommer, Corelight)
+
+  * Redo NotfifierRegistry to no longer rely on StateAccess.
+
+    We simplify the API to a simple Modified() operation. (Robin Sommer, Corelight)
+
+  * Add new test for when-statement watching global variables. (Robin Sommer, Corelight)
+
+2.6-482 | 2019-06-20 19:57:20 -0700
+
+  * Make configure complain if submodules are not checked out. (Johanna Amann, Corelight)
+
+  * Improve C++ header includes to improve build time (Jon Siwek, Corelight)
+
+2.6-479 | 2019-06-20 18:31:58 -0700
+
+  * Fix TableVal::DoClone to use CloneState cache (Jon Siwek, Corelight)
+
+2.6-478 | 2019-06-20 14:19:11 -0700
+
+  * Remove old Broccoli SSL options (Jon Siwek, Corelight)
+
+    - ssl_ca_certificate
+    - ssl_private_key
+    - ssl_passphrase
+
+2.6-477 | 2019-06-20 14:00:22 -0700
+
+  * Remove unused SerialInfo.h and SerialTypes.h headers (Jon Siwek, Corelight)
+
 2.6-476 | 2019-06-20 13:23:22 -0700
 
   * Remove opaque of ocsp_resp. (Johanna Amann, Corelight)

NEWS

@@ -418,6 +418,9 @@ Removed Functionality
     - ``log_encryption_key``
     - ``state_dir``
     - ``state_write_delay``
+    - ``ssl_ca_certificate``
+    - ``ssl_private_key``
+    - ``ssl_passphrase``
 
 - The following constants were used as part of deprecated functionality in version 2.6
   or below and are removed from this release:

VERSION

@@ -1 +1 @@
-2.6-476
+2.6-494

configure

@@ -106,6 +106,18 @@ Usage: $0 [OPTION]... [VAR=VALUE]...
 
 sourcedir="$( cd "$( dirname "$0" )" && pwd )"
 
+if [ ! -e "$sourcedir/cmake/COPYING" ] && [ -d "$sourcedir/.git" ]; then
+    echo "\
+You seem to be missing the content of the cmake directory.
+
+This typically means that you performed a non-recursive git clone of
+Zeek. To check out the required subdirectories, please execute:
+
+  ( cd $sourcedir && git submodule update --recursive --init )
+" >&2;
+    exit 1;
+fi
+
 # Function to append a CMake cache entry definition to the
 # CMakeCacheEntries variable.
 #   $1 is the cache entry variable name

doc

@@ -1 +1 @@
-Subproject commit e5b95022ffa68ddf4645228d123cf1ea73a55186
+Subproject commit a5f2286834e404df5eb8291fe078732c6b5763ab

scripts/base/init-bare.zeek

@@ -4710,22 +4710,6 @@ const report_gaps_for_partial = F &redef;
 ## controlled for reproducing results.
 const exit_only_after_terminate = F &redef;
 
-## The CA certificate file to authorize remote Zeeks/Broccolis.
-##
-## .. zeek:see:: ssl_private_key ssl_passphrase
-const ssl_ca_certificate = "<undefined>" &redef;
-
-## File containing our private key and our certificate.
-##
-## .. zeek:see:: ssl_ca_certificate ssl_passphrase
-const ssl_private_key = "<undefined>" &redef;
-
-## The passphrase for our private key. Keeping this undefined
-## causes Zeek to prompt for the passphrase.
-##
-## .. zeek:see:: ssl_private_key ssl_ca_certificate
-const ssl_passphrase = "<undefined>" &redef;
-
 ## Default mode for Zeek's user-space dynamic packet filter. If true, packets
 ## that aren't explicitly allowed through, are dropped from any further
 ## processing.

src/NetVar.cc

@@ -165,10 +165,6 @@ StringVal* log_rotate_base_time;
 StringVal* peer_description;
 bro_uint_t chunked_io_buffer_soft_cap;
 
-StringVal* ssl_ca_certificate;
-StringVal* ssl_private_key;
-StringVal* ssl_passphrase;
-
 Val* profiling_file;
 double profiling_interval;
 int expensive_profiling_multiple;
@@ -244,10 +240,6 @@ void init_general_global_var()
 		internal_val("peer_description")->AsStringVal();
 	chunked_io_buffer_soft_cap = opt_internal_unsigned("chunked_io_buffer_soft_cap");
 
-	ssl_ca_certificate = internal_val("ssl_ca_certificate")->AsStringVal();
-	ssl_private_key = internal_val("ssl_private_key")->AsStringVal();
-	ssl_passphrase = internal_val("ssl_passphrase")->AsStringVal();
-
 	packet_filter_default = opt_internal_int("packet_filter_default");
 
 	sig_max_group_size = opt_internal_int("sig_max_group_size");

src/NetVar.h

@@ -168,10 +168,6 @@ extern StringVal* log_rotate_base_time;
 extern StringVal* peer_description;
 extern bro_uint_t chunked_io_buffer_soft_cap;
 
-extern StringVal* ssl_ca_certificate;
-extern StringVal* ssl_private_key;
-extern StringVal* ssl_passphrase;
-
 extern Val* profiling_file;
 extern double profiling_interval;
 extern int expensive_profiling_multiple;

src/OpaqueVal.cc

@@ -6,6 +6,8 @@
 #include "probabilistic/BloomFilter.h"
 #include "probabilistic/CardinalityCounter.h"
 
+#include <broker/error.hh>
+
 // Helper to retrieve a broker value out of a broker::vector at a specified
 // index, and casted to the expected destination type.
 template<typename S, typename V, typename D>

src/OpaqueVal.h

@@ -3,6 +3,9 @@
 #ifndef OPAQUEVAL_H
 #define OPAQUEVAL_H
 
+#include <broker/data.hh>
+#include <broker/expected.hh>
+
 #include "RandTest.h"
 #include "Val.h"
 #include "digest.h"

src/SerialInfo.h

@@ -1,160 +0,0 @@
-// Helper classes to pass data between serialization methods.
-
-#ifndef serialinfo_h
-#define serialinfo_h
-
-class SerialInfo {
-public:
-	SerialInfo(Serializer* arg_s)
-		{
-		s = arg_s;
-		may_suspend = clear_containers = false;
-		cache = globals_as_names = true;
-		type = SER_NONE;
-		pid_32bit = false;
-		include_locations = true;
-		new_cache_strategy = false;
-		}
-
-	SerialInfo(const SerialInfo& info)
-		{
-		s = info.s;
-		may_suspend = info.may_suspend;
-		cache = info.cache;
-		type = info.type;
-		clear_containers = info.clear_containers;
-		globals_as_names = info.globals_as_names;
-		pid_32bit = info.pid_32bit;
-		include_locations = info.include_locations;
-		new_cache_strategy = info.new_cache_strategy;
-		}
-
-	// Parameters that control serialization.
-	Serializer* s;	// serializer to use
-	bool cache;	// true if object caching is ok
-	bool may_suspend;	// if true, suspending serialization is ok
-	bool clear_containers;	// if true, store container values as empty
-	bool include_locations;	// if true, include locations in serialization
-
-	// If true, for NameExpr's serialize just the names of globals, just
-	// their value.
-	bool globals_as_names;
-
-	bool pid_32bit;	// if true, use old-style 32-bit permanent IDs
-
-	// If true, we support keeping objs in cache permanently.
-	bool new_cache_strategy;
-
-	// Attributes set during serialization.
-	SerialType type;	// type of currently serialized object
-
-	// State for suspending/resuming serialization
-	Continuation cont;
-};
-
-class UnserialInfo {
-public:
-	UnserialInfo(Serializer* arg_s)
-		{
-		s = arg_s;
-		cache = true;
-		type = SER_NONE;
-		install_globals = install_conns = true;
-		install_uniques = false;
-		ignore_callbacks = false;
-		id_policy = Replace;
-		print = 0;
-		pid_32bit = false;
-		new_cache_strategy = false;
-		}
-
-	UnserialInfo(const UnserialInfo& info)
-		{
-		s = info.s;
-		cache = info.cache;
-		type = info.type;
-		install_globals = info.install_globals;
-		install_uniques = info.install_uniques;
-		install_conns = info.install_conns;
-		ignore_callbacks = info.ignore_callbacks;
-		id_policy = info.id_policy;
-		print = info.print;
-		pid_32bit = info.pid_32bit;
-		new_cache_strategy = info.new_cache_strategy;
-		}
-
-	// Parameters that control unserialization.
-	Serializer* s;	// serializer to use
-	bool cache;	// if true,  object caching is ok
-	FILE* print;	// print read objects to given file (human-readable)
-
-	bool install_globals;	// if true, install unknown globals
-				// in global scope
-	bool install_conns;	// if true, add connections to session table
-	bool install_uniques;	// if true, install unknown globally
-				// unique IDs in global scope
-	bool ignore_callbacks;	// if true, don't call Got*() callbacks
-	bool pid_32bit; // if true, use old-style 32-bit permanent IDs.
-
-	// If true, we support keeping objs in cache permanently.
-	bool new_cache_strategy;
-
-	// If a global ID already exits, of these policies is used.
-	enum {
-		Keep,	// keep the old ID and ignore the new
-		Replace,	// install the new ID (default)
-
-		// Keep current ID instance but copy the new value into it
-		// (types have to match).
-		CopyNewToCurrent,
-
-		// Install the new ID instance but replace its value
-		// with that of the old one (types have to match).
-		CopyCurrentToNew,
-
-		// Instantiate a new ID, but do not insert it into the global
-		// space.
-		InstantiateNew,
-	} id_policy;
-
-	// Attributes set during unserialization.
-	SerialType type;	// type of currently unserialized object
-};
-
-// Helper class to temporarily disable suspending for all next-level calls
-// using the given SerialInfo.  It saves the current value of info.may_suspend
-// and then sets it to false.  When it goes out of scope, the original value
-// is restored.
-//
-// We need this because not all classes derived from SerialObj are
-// suspension-aware yet, i.e., they don't work correctly if one of the
-// next-level functions suspends. Eventually this may change, but actually
-// it's not very important: most classes don't need to suspend anyway as
-// their data volume is very small.  We have to make sure though that those
-// which do (e.g. TableVals) support suspension.
-class DisableSuspend {
-public:
-	DisableSuspend(SerialInfo* arg_info)
-		{
-		info = arg_info;
-		old_may_suspend = info->may_suspend;
-		info->may_suspend = false;
-		}
-
-	~DisableSuspend()	{ Restore(); }
-
-	void Release()	{ info = 0; }
-
-	// Restores the suspension-state to its original value.
-	void Restore()
-		{
-		if ( info )
-			info->may_suspend = old_may_suspend;
-		}
-
-private:
-	SerialInfo* info;
-	bool old_may_suspend;
-};
-
-#endif

src/SerialTypes.h

@@ -1,236 +0,0 @@
-#ifndef serialtypes_h
-#define serialtypes_h
-
-// Each serializable class gets a type.
-//
-// The type enables a form of poor man's type-checking:
-//     Bit 0-7:  Number (unique relative to main parent (see below)).
-//     Bit 8-12: Main parent class (SER_IS_*)
-//     Bit 13:   unused
-//     Bit 14:   1 if preference is to keep in cache.
-//     Bit 15:   1 if derived from BroObj.
-
-typedef uint16 SerialType;
-
-static const SerialType SER_TYPE_MASK_EXACT = 0x1fff;
-static const SerialType SER_TYPE_MASK_PARENT = 0x1f00;
-static const SerialType SER_IS_CACHE_STABLE = 0x4000;
-static const SerialType SER_IS_BRO_OBJ = 0x8000;
-
-#define SERIAL_CONST(name, val, type) \
-	const SerialType SER_ ## name = val | SER_IS_ ## type;
-
-#define SERIAL_CONST2(name) SERIAL_CONST(name, 1, name)
-
-#define SERIAL_IS(name, val) \
-	static const SerialType SER_IS_ ## name = val;
-#define SERIAL_IS_BO(name, val) \
-	static const SerialType SER_IS_ ## name = val | SER_IS_BRO_OBJ;
-#define SERIAL_IS_BO_AND_CACHE_STABLE(name, val) \
-	static const SerialType SER_IS_ ## name = val | (SER_IS_BRO_OBJ | SER_IS_CACHE_STABLE);
-
-SERIAL_IS_BO(CONNECTION, 0x0100)
-SERIAL_IS(TIMER, 0x0200)
-SERIAL_IS(TCP_ENDPOINT, 0x0300)
-SERIAL_IS_BO(TCP_ANALYZER, 0x0400)
-SERIAL_IS_BO(TCP_ENDPOINT_ANALYZER, 0x0500)
-SERIAL_IS(TCP_CONTENTS, 0x0600)
-SERIAL_IS(REASSEMBLER, 0x0700)
-SERIAL_IS_BO(VAL, 0x0800)
-SERIAL_IS_BO_AND_CACHE_STABLE(EXPR, 0x0900)
-SERIAL_IS_BO_AND_CACHE_STABLE(BRO_TYPE, 0x0a00)
-SERIAL_IS_BO_AND_CACHE_STABLE(STMT, 0x0b00)
-SERIAL_IS_BO_AND_CACHE_STABLE(ATTRIBUTES, 0x0c00)
-SERIAL_IS_BO_AND_CACHE_STABLE(EVENT_HANDLER, 0x0d00)
-SERIAL_IS_BO_AND_CACHE_STABLE(BRO_FILE, 0x0e00)
-SERIAL_IS_BO_AND_CACHE_STABLE(FUNC, 0x0f00)
-SERIAL_IS_BO(ID, 0x1000)
-SERIAL_IS(STATE_ACCESS, 0x1100)
-SERIAL_IS_BO(CASE, 0x1200)
-SERIAL_IS(LOCATION, 0x1300)
-SERIAL_IS(RE_MATCHER, 0x1400)
-SERIAL_IS(BITVECTOR, 0x1500)
-SERIAL_IS(COUNTERVECTOR, 0x1600)
-SERIAL_IS(BLOOMFILTER, 0x1700)
-SERIAL_IS(HASHER, 0x1800)
-
-// These are the externally visible types.
-const SerialType SER_NONE = 0;
-
-SERIAL_CONST2(BRO_OBJ)
-
-#define SERIAL_CONN(name, val) SERIAL_CONST(name, val, CONNECTION)
-SERIAL_CONN(CONNECTION, 1)
-SERIAL_CONN(ICMP_ANALYZER, 2)
-// We use ICMP_Echo here rather than ICMP_ECHO because the latter gets
-// macro expanded :-(.
-SERIAL_CONN(ICMP_Echo, 3)
-SERIAL_CONN(ICMP_CONTEXT, 4)
-SERIAL_CONN(TCP_CONNECTION, 5)
-SERIAL_CONN(TCP_CONNECTION_CONTENTS, 6)
-SERIAL_CONN(FTP_CONN, 7)
-SERIAL_CONN(UDP_CONNECTION, 8)
-
-#define SERIAL_TIMER(name, val) SERIAL_CONST(name, val, TIMER)
-SERIAL_TIMER(TIMER, 1)
-SERIAL_TIMER(CONNECTION_TIMER, 2)
-
-SERIAL_CONST2(TCP_ENDPOINT)
-SERIAL_CONST2(TCP_ANALYZER)
-SERIAL_CONST2(TCP_ENDPOINT_ANALYZER)
-
-#define SERIAL_TCP_CONTENTS(name, val) SERIAL_CONST(name, val, TCP_CONTENTS)
-SERIAL_TCP_CONTENTS(TCP_CONTENTS, 1)
-SERIAL_TCP_CONTENTS(TCP_CONTENT_LINE, 2)
-SERIAL_TCP_CONTENTS(TCP_NVT, 3)
-
-#define SERIAL_REASSEMBLER(name, val) SERIAL_CONST(name, val, REASSEMBLER)
-SERIAL_REASSEMBLER(REASSEMBLER, 1)
-SERIAL_REASSEMBLER(TCP_REASSEMBLER, 2)
-SERIAL_REASSEMBLER(FILE_REASSEMBLER, 3)
-
-#define SERIAL_VAL(name, val) SERIAL_CONST(name, val, VAL)
-SERIAL_VAL(VAL, 1)
-SERIAL_VAL(INTERVAL_VAL,  2)
-SERIAL_VAL(PORT_VAL, 3)
-SERIAL_VAL(ADDR_VAL, 4)
-SERIAL_VAL(SUBNET_VAL, 5)
-SERIAL_VAL(STRING_VAL, 6)
-SERIAL_VAL(PATTERN_VAL, 7)
-SERIAL_VAL(LIST_VAL, 8)
-SERIAL_VAL(TABLE_VAL, 9)
-SERIAL_VAL(RECORD_VAL, 10)
-SERIAL_VAL(ENUM_VAL, 11)
-SERIAL_VAL(VECTOR_VAL, 12)
-SERIAL_VAL(MUTABLE_VAL, 13)
-SERIAL_VAL(OPAQUE_VAL, 14)
-SERIAL_VAL(HASH_VAL, 15)
-SERIAL_VAL(MD5_VAL, 16)
-SERIAL_VAL(SHA1_VAL, 17)
-SERIAL_VAL(SHA256_VAL, 18)
-SERIAL_VAL(ENTROPY_VAL, 19)
-SERIAL_VAL(TOPK_VAL, 20)
-SERIAL_VAL(BLOOMFILTER_VAL, 21)
-SERIAL_VAL(CARDINALITY_VAL, 22)
-SERIAL_VAL(X509_VAL, 23)
-SERIAL_VAL(COMM_STORE_HANDLE_VAL, 24)
-SERIAL_VAL(COMM_DATA_VAL, 25)
-SERIAL_VAL(OCSP_RESP_VAL, 26)
-
-#define SERIAL_EXPR(name, val) SERIAL_CONST(name, val, EXPR)
-SERIAL_EXPR(EXPR, 1)
-SERIAL_EXPR(NAME_EXPR, 2)
-SERIAL_EXPR(CONST_EXPR, 3)
-SERIAL_EXPR(UNARY_EXPR, 4)
-SERIAL_EXPR(BINARY_EXPR, 5)
-SERIAL_EXPR(INCR_EXPR, 6)
-SERIAL_EXPR(NOT_EXPR, 7)
-SERIAL_EXPR(POS_EXPR, 8)
-SERIAL_EXPR(NEG_EXPR, 9)
-SERIAL_EXPR(ADD_EXPR, 10)
-SERIAL_EXPR(SUB_EXPR, 11)
-SERIAL_EXPR(TIMES_EXPR, 12)
-SERIAL_EXPR(DIVIDE_EXPR, 13)
-SERIAL_EXPR(MOD_EXPR, 14)
-SERIAL_EXPR(BOOL_EXPR, 15)
-SERIAL_EXPR(EQ_EXPR, 16)
-SERIAL_EXPR(REL_EXPR, 17)
-SERIAL_EXPR(COND_EXPR, 18)
-SERIAL_EXPR(REF_EXPR, 19)
-SERIAL_EXPR(ASSIGN_EXPR, 20)
-SERIAL_EXPR(INDEX_EXPR, 21)
-SERIAL_EXPR(FIELD_EXPR, 22)
-SERIAL_EXPR(HAS_FIELD_EXPR, 23)
-SERIAL_EXPR(RECORD_CONSTRUCTOR_EXPR, 24)
-SERIAL_EXPR(FIELD_ASSIGN_EXPR, 25)
-// There used to be a SERIAL_EXPR(RECORD_MATCH_EXPR, 26) here
-SERIAL_EXPR(ARITH_COERCE_EXPR, 27)
-SERIAL_EXPR(RECORD_COERCE_EXPR, 28)
-SERIAL_EXPR(FLATTEN_EXPR, 29)
-SERIAL_EXPR(SCHEDULE_EXPR, 30)
-SERIAL_EXPR(IN_EXPR, 31)
-SERIAL_EXPR(CALL_EXPR, 32)
-SERIAL_EXPR(EVENT_EXPR, 33)
-SERIAL_EXPR(LIST_EXPR, 34)
-SERIAL_EXPR(RECORD_ASSIGN_EXPR, 35)
-SERIAL_EXPR(ADD_TO_EXPR, 36)
-SERIAL_EXPR(REMOVE_FROM_EXPR, 37)
-SERIAL_EXPR(SIZE_EXPR, 38)
-SERIAL_EXPR(CLONE_EXPR, 39)
-SERIAL_EXPR(TABLE_CONSTRUCTOR_EXPR, 40)
-SERIAL_EXPR(SET_CONSTRUCTOR_EXPR, 41)
-SERIAL_EXPR(VECTOR_CONSTRUCTOR_EXPR, 42)
-SERIAL_EXPR(TABLE_COERCE_EXPR, 43)
-SERIAL_EXPR(VECTOR_COERCE_EXPR, 44)
-SERIAL_EXPR(CAST_EXPR, 45)
-SERIAL_EXPR(IS_EXPR_, 46) // Name conflict with internal SER_IS_EXPR constant.
-SERIAL_EXPR(BIT_EXPR, 47)
-SERIAL_EXPR(COMPLEMENT_EXPR, 48)
-SERIAL_EXPR(INDEX_SLICE_ASSIGN_EXPR, 49)
-
-#define SERIAL_STMT(name, val) SERIAL_CONST(name, val, STMT)
-SERIAL_STMT(STMT, 1)
-SERIAL_STMT(EXPR_LIST_STMT, 2)
-// There used to be ALARM_STMT (3) here.
-SERIAL_STMT(PRINT_STMT, 4)
-SERIAL_STMT(EXPR_STMT, 5)
-SERIAL_STMT(IF_STMT, 6)
-SERIAL_STMT(SWITCH_STMT, 7)
-SERIAL_STMT(ADD_STMT, 8)
-SERIAL_STMT(DEL_STMT, 9)
-SERIAL_STMT(EVENT_STMT, 10)
-SERIAL_STMT(FOR_STMT, 11)
-SERIAL_STMT(NEXT_STMT, 12)
-SERIAL_STMT(BREAK_STMT, 13)
-SERIAL_STMT(RETURN_STMT, 14)
-SERIAL_STMT(STMT_LIST, 15)
-SERIAL_STMT(EVENT_BODY_LIST, 16)
-SERIAL_STMT(INIT_STMT, 17)
-SERIAL_STMT(NULL_STMT, 18)
-SERIAL_STMT(WHEN_STMT, 19)
-SERIAL_STMT(FALLTHROUGH_STMT, 20)
-SERIAL_STMT(WHILE_STMT, 21)
-
-#define SERIAL_TYPE(name, val) SERIAL_CONST(name, val, BRO_TYPE)
-SERIAL_TYPE(BRO_TYPE, 1)
-SERIAL_TYPE(TYPE_LIST, 2)
-SERIAL_TYPE(INDEX_TYPE, 3)
-SERIAL_TYPE(TABLE_TYPE, 4)
-SERIAL_TYPE(SET_TYPE, 5)
-SERIAL_TYPE(FUNC_TYPE, 6)
-SERIAL_TYPE(RECORD_TYPE, 7)
-SERIAL_TYPE(SUBNET_TYPE, 8)
-SERIAL_TYPE(FILE_TYPE, 9)
-SERIAL_TYPE(ENUM_TYPE, 10)
-SERIAL_TYPE(VECTOR_TYPE, 11)
-SERIAL_TYPE(OPAQUE_TYPE, 12)
-
-SERIAL_CONST2(ATTRIBUTES)
-SERIAL_CONST2(EVENT_HANDLER)
-SERIAL_CONST2(BRO_FILE)
-
-#define SERIAL_FUNC(name, val) SERIAL_CONST(name, val, FUNC)
-SERIAL_FUNC(FUNC, 1)
-SERIAL_FUNC(BRO_FUNC, 2)
-SERIAL_FUNC(DEBUG_FUNC, 3)
-SERIAL_FUNC(BUILTIN_FUNC, 4)
-
-#define SERIAL_BLOOMFILTER(name, val) SERIAL_CONST(name, val, BLOOMFILTER)
-SERIAL_BLOOMFILTER(BLOOMFILTER, 1)
-SERIAL_BLOOMFILTER(BASICBLOOMFILTER, 2)
-SERIAL_BLOOMFILTER(COUNTINGBLOOMFILTER, 3)
-
-#define SERIAL_HASHER(name, val) SERIAL_CONST(name, val, HASHER)
-SERIAL_HASHER(HASHER, 1)
-SERIAL_HASHER(DEFAULTHASHER, 2)
-SERIAL_HASHER(DOUBLEHASHER, 3)
-
-SERIAL_CONST2(ID)
-SERIAL_CONST2(STATE_ACCESS)
-SERIAL_CONST2(CASE)
-SERIAL_CONST2(LOCATION)
-SERIAL_CONST2(RE_MATCHER)
-SERIAL_CONST2(BITVECTOR)
-SERIAL_CONST2(COUNTERVECTOR)
-
-#endif

src/Val.cc

@@ -1959,7 +1959,7 @@ Val* TableVal::DoClone(CloneState* state)
 	TableEntryVal* val;
 	while ( (val = tbl->NextEntry(key, cookie)) )
 		{
-		TableEntryVal* nval = val->Clone();
+		TableEntryVal* nval = val->Clone(state);
 		tv->AsNonConstTable()->Insert(key, nval);
 
 		if ( subnets )

src/Val.h

@@ -3,15 +3,11 @@
 #ifndef val_h
 #define val_h
 
-// BRO values.
-
 #include <vector>
 #include <list>
 #include <array>
 #include <unordered_map>
 
-#include <broker/broker.hh>
-
 #include "net_util.h"
 #include "Type.h"
 #include "Dict.h"
@@ -358,6 +354,7 @@ protected:
 	friend class RecordVal;
 	friend class VectorVal;
 	friend class ValManager;
+	friend class TableEntryVal;
 
 	virtual void ValDescribe(ODesc* d) const;
 	virtual void ValDescribeReST(ODesc* d) const;
@@ -725,9 +722,9 @@ public:
 			int(network_time - bro_start_network_time);
 		}
 
-	TableEntryVal* Clone()
+	TableEntryVal* Clone(Val::CloneState* state)
 		{
-		auto rval = new TableEntryVal(val ? val->Clone() : nullptr);
+		auto rval = new TableEntryVal(val ? val->Clone(state) : nullptr);
 		rval->last_access_time = last_access_time;
 		rval->expire_access_time = expire_access_time;
 		return rval;

src/broker/Data.cc

@@ -1,6 +1,9 @@
 #include "Data.h"
 #include "File.h"
 #include "broker/data.bif.h"
+
+#include <broker/error.hh>
+
 #include <caf/stream_serializer.hpp>
 #include <caf/stream_deserializer.hpp>
 #include <caf/streambuf.hpp>

src/broker/Data.h

@@ -1,7 +1,9 @@
 #ifndef BRO_COMM_DATA_H
 #define BRO_COMM_DATA_H
 
-#include <broker/broker.hh>
+#include <broker/data.hh>
+#include <broker/expected.hh>
+
 #include "OpaqueVal.h"
 #include "Reporter.h"
 #include "Frame.h"

src/broker/Manager.h

@@ -1,7 +1,17 @@
 #ifndef BRO_COMM_MANAGER_H
 #define BRO_COMM_MANAGER_H
 
-#include <broker/broker.hh>
+#include <broker/topic.hh>
+#include <broker/data.hh>
+#include <broker/store.hh>
+#include <broker/status.hh>
+#include <broker/error.hh>
+#include <broker/endpoint.hh>
+#include <broker/endpoint_info.hh>
+#include <broker/peer_info.hh>
+#include <broker/backend.hh>
+#include <broker/backend_options.hh>
+#include <broker/detail/hash.hh>
 #include <broker/zeek.hh>
 #include <memory>
 #include <string>

src/broker/Store.h

@@ -8,7 +8,9 @@
 #include "OpaqueVal.h"
 #include "Trigger.h"
 
-#include <broker/broker.hh>
+#include <broker/store.hh>
+#include <broker/backend.hh>
+#include <broker/backend_options.hh>
 
 namespace bro_broker {
 

src/file_analysis/analyzer/x509/X509.cc

@@ -10,6 +10,8 @@
 
 #include "file_analysis/Manager.h"
 
+#include <broker/error.hh>
+
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/asn1.h>

src/probabilistic/BitVector.h

@@ -6,7 +6,8 @@
 #include <iterator>
 #include <vector>
 
-#include <broker/Data.h>
+#include <broker/data.hh>
+#include <broker/expected.hh>
 
 namespace probabilistic {
 

src/probabilistic/BloomFilter.cc

@@ -4,6 +4,8 @@
 #include <cmath>
 #include <limits>
 
+#include <broker/error.hh>
+
 #include "BloomFilter.h"
 
 #include "CounterVector.h"

src/probabilistic/BloomFilter.h

@@ -5,7 +5,8 @@
 
 #include <vector>
 
-#include <broker/Data.h>
+#include <broker/data.hh>
+#include <broker/expected.hh>
 
 #include "BitVector.h"
 #include "Hasher.h"

src/probabilistic/CardinalityCounter.h

@@ -4,7 +4,11 @@
 #define PROBABILISTIC_CARDINALITYCOUNTER_H
 
 #include <stdint.h>
-#include <OpaqueVal.h>
+#include <memory>
+#include <vector>
+
+#include <broker/data.hh>
+#include <broker/expected.hh>
 
 namespace probabilistic {
 

src/probabilistic/CounterVector.cc

@@ -5,6 +5,9 @@
 #include <cassert>
 #include <limits>
 #include "BitVector.h"
+#include "util.h"
+
+#include <broker/error.hh>
 
 using namespace probabilistic;
 

src/probabilistic/CounterVector.h

@@ -6,7 +6,8 @@
 #include <cstddef>
 #include <cstdint>
 
-#include <broker/Data.h>
+#include <broker/data.hh>
+#include <broker/expected.hh>
 
 namespace probabilistic {
 

src/probabilistic/Hasher.h

@@ -3,7 +3,10 @@
 #ifndef PROBABILISTIC_HASHER_H
 #define PROBABILISTIC_HASHER_H
 
-#include <broker/Data.h>
+#include <broker/data.hh>
+#include <broker/expected.hh>
+
+#include <memory>
 
 #include "Hash.h"
 

src/probabilistic/Topk.cc

@@ -1,5 +1,7 @@
 // See the file "COPYING" in the main distribution directory for copyright.
 
+#include <broker/error.hh>
+
 #include "broker/Data.h"
 #include "probabilistic/Topk.h"
 #include "CompHash.h"

testing/btest/Baseline/language.copy/out

@@ -1,2 +1,5 @@
 direct assignment (PASS)
 using copy (PASS)
+F, T
+F, T
+[a=42], [a=42], [a=42], [a=42]

testing/btest/language/copy.zeek

@@ -2,14 +2,12 @@
 # @TEST-EXEC: btest-diff out
 
 function test_case(msg: string, expect: bool)
-        {
+	{
-        print fmt("%s (%s)", msg, expect ? "PASS" : "FAIL");
+	print fmt("%s (%s)", msg, expect ? "PASS" : "FAIL");
-        }
+	}
-
-
 
 event zeek_init()
-{
+	{
 	# "b" is not a copy of "a"
 	local a: set[string] = set("this", "test");
 	local b: set[string] = a;
@@ -25,6 +23,27 @@ event zeek_init()
 	delete c["this"];
 
 	test_case( "using copy", |d| == 2 && "this" in d);
+	}
 
-}
+type myrec: record {
+	a: count;
+};
+
+event zeek_init()
+	{
+	local v: vector of myrec;
+	local t: table[count] of myrec;
+	local mr = myrec($a = 42);
+
+	t[0] = mr;
+	t[1] = mr;
+	local tc = copy(t);
+	print same_object(t, tc), same_object(tc[0], tc[1]);
+
+	v[0] = mr;
+	v[1] = mr;
+	local vc = copy(v);
+	print same_object(v, vc), same_object(vc[0], vc[1]);
+	print tc[0], tc[1], vc[0], vc[1];
+	}