Merge remote-tracking branch 'origin/master' into topic/johanna/remove-serializer

src/file_analysis/analyzer/data_event/CMakeLists.txt

@@ -1,8 +1,8 @@
-include(BroPlugin)
+include(ZeekPlugin)
 
 include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}
                            ${CMAKE_CURRENT_BINARY_DIR})
 
-bro_plugin_begin(Bro FileDataEvent)
-bro_plugin_cc(DataEvent.cc Plugin.cc ../../Analyzer.cc)
-bro_plugin_end()
+zeek_plugin_begin(Zeek FileDataEvent)
+zeek_plugin_cc(DataEvent.cc Plugin.cc ../../Analyzer.cc)
+zeek_plugin_end()

src/file_analysis/analyzer/data_event/Plugin.cc

@@ -5,7 +5,7 @@
 #include "DataEvent.h"
 
 namespace plugin {
-namespace Bro_FileDataEvent {
+namespace Zeek_FileDataEvent {
 
 class Plugin : public plugin::Plugin {
 public:
@@ -14,7 +14,7 @@ public:
 		AddComponent(new ::file_analysis::Component("DATA_EVENT", ::file_analysis::DataEvent::Instantiate));
 
 		plugin::Configuration config;
-		config.name = "Bro::FileDataEvent";
+		config.name = "Zeek::FileDataEvent";
 		config.description = "Delivers file content";
 		return config;
 		}

src/file_analysis/analyzer/entropy/CMakeLists.txt

@@ -1,9 +1,9 @@
-include(BroPlugin)
+include(ZeekPlugin)
 
 include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}
                            ${CMAKE_CURRENT_BINARY_DIR})
 
-bro_plugin_begin(Bro FileEntropy)
-bro_plugin_cc(Entropy.cc Plugin.cc ../../Analyzer.cc)
-bro_plugin_bif(events.bif)
-bro_plugin_end()
+zeek_plugin_begin(Zeek FileEntropy)
+zeek_plugin_cc(Entropy.cc Plugin.cc ../../Analyzer.cc)
+zeek_plugin_bif(events.bif)
+zeek_plugin_end()

src/file_analysis/analyzer/entropy/Plugin.cc

@@ -5,7 +5,7 @@
 #include "Entropy.h"
 
 namespace plugin {
-namespace Bro_FileEntropy {
+namespace Zeek_FileEntropy {
 
 class Plugin : public plugin::Plugin {
 public:
@@ -14,7 +14,7 @@ public:
 		AddComponent(new ::file_analysis::Component("ENTROPY", ::file_analysis::Entropy::Instantiate));
 
 		plugin::Configuration config;
-		config.name = "Bro::FileEntropy";
+		config.name = "Zeek::FileEntropy";
 		config.description = "Entropy test file content";
 		return config;
 		}

src/file_analysis/analyzer/extract/CMakeLists.txt

@@ -1,10 +1,10 @@
-include(BroPlugin)
+include(ZeekPlugin)
 
 include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}
                            ${CMAKE_CURRENT_BINARY_DIR})
 
-bro_plugin_begin(Bro FileExtract)
-bro_plugin_cc(Extract.cc Plugin.cc ../../Analyzer.cc)
-bro_plugin_bif(events.bif)
-bro_plugin_bif(functions.bif)
-bro_plugin_end()
+zeek_plugin_begin(Zeek FileExtract)
+zeek_plugin_cc(Extract.cc Plugin.cc ../../Analyzer.cc)
+zeek_plugin_bif(events.bif)
+zeek_plugin_bif(functions.bif)
+zeek_plugin_end()

src/file_analysis/analyzer/extract/Plugin.cc

@@ -5,7 +5,7 @@
 #include "Extract.h"
 
 namespace plugin {
-namespace Bro_FileExtract {
+namespace Zeek_FileExtract {
 
 class Plugin : public plugin::Plugin {
 public:
@@ -14,7 +14,7 @@ public:
 		AddComponent(new ::file_analysis::Component("EXTRACT", ::file_analysis::Extract::Instantiate));
 
 		plugin::Configuration config;
-		config.name = "Bro::FileExtract";
+		config.name = "Zeek::FileExtract";
 		config.description = "Extract file content";
 		return config;
 		}

src/file_analysis/analyzer/hash/CMakeLists.txt

@@ -1,9 +1,9 @@
-include(BroPlugin)
+include(ZeekPlugin)
 
 include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}
                            ${CMAKE_CURRENT_BINARY_DIR})
 
-bro_plugin_begin(Bro FileHash)
-bro_plugin_cc(Hash.cc Plugin.cc ../../Analyzer.cc)
-bro_plugin_bif(events.bif)
-bro_plugin_end()
+zeek_plugin_begin(Zeek FileHash)
+zeek_plugin_cc(Hash.cc Plugin.cc ../../Analyzer.cc)
+zeek_plugin_bif(events.bif)
+zeek_plugin_end()

src/file_analysis/analyzer/hash/Plugin.cc

@@ -5,7 +5,7 @@
 #include "Hash.h"
 
 namespace plugin {
-namespace Bro_FileHash {
+namespace Zeek_FileHash {
 
 class Plugin : public plugin::Plugin {
 public:
@@ -16,7 +16,7 @@ public:
 		AddComponent(new ::file_analysis::Component("SHA256", ::file_analysis::SHA256::Instantiate));
 
 		plugin::Configuration config;
-		config.name = "Bro::FileHash";
+		config.name = "Zeek::FileHash";
 		config.description = "Hash file content";
 		return config;
 		}

src/file_analysis/analyzer/pe/CMakeLists.txt

@@ -1,12 +1,12 @@
-include(BroPlugin)
+include(ZeekPlugin)
 
 include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}
                            ${CMAKE_CURRENT_BINARY_DIR})
 
-bro_plugin_begin(Bro PE)
-bro_plugin_cc(PE.cc Plugin.cc)
-bro_plugin_bif(events.bif)
-bro_plugin_pac(
+zeek_plugin_begin(Zeek PE)
+zeek_plugin_cc(PE.cc Plugin.cc)
+zeek_plugin_bif(events.bif)
+zeek_plugin_pac(
   pe.pac
   pe-analyzer.pac
   pe-file-headers.pac
@@ -14,4 +14,4 @@ bro_plugin_pac(
   pe-file.pac
   pe-file-types.pac
 )
-bro_plugin_end()
+zeek_plugin_end()

src/file_analysis/analyzer/pe/Plugin.cc

@@ -5,7 +5,7 @@
 #include "PE.h"
 
 namespace plugin {
-namespace Bro_PE {
+namespace Zeek_PE {
 
 class Plugin : public plugin::Plugin {
 public:
@@ -14,7 +14,7 @@ public:
 		AddComponent(new ::file_analysis::Component("PE", ::file_analysis::PE::Instantiate));
 
 		plugin::Configuration config;
-		config.name = "Bro::PE";
+		config.name = "Zeek::PE";
 		config.description = "Portable Executable analyzer";
 		return config;
 		}

src/file_analysis/analyzer/unified2/CMakeLists.txt

@@ -1,11 +1,11 @@
 
-include(BroPlugin)
+include(ZeekPlugin)
 
 include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}
                            ${CMAKE_CURRENT_BINARY_DIR})
 
-bro_plugin_begin(Bro Unified2)
-bro_plugin_cc(Unified2.cc Plugin.cc ../../Analyzer.cc)
-bro_plugin_bif(events.bif types.bif)
-bro_plugin_pac(unified2.pac unified2-file.pac unified2-analyzer.pac)
-bro_plugin_end()
+zeek_plugin_begin(Zeek Unified2)
+zeek_plugin_cc(Unified2.cc Plugin.cc ../../Analyzer.cc)
+zeek_plugin_bif(events.bif types.bif)
+zeek_plugin_pac(unified2.pac unified2-file.pac unified2-analyzer.pac)
+zeek_plugin_end()

src/file_analysis/analyzer/unified2/Plugin.cc

@@ -7,7 +7,7 @@
 #include "Unified2.h"
 
 namespace plugin {
-namespace Bro_Unified2 {
+namespace Zeek_Unified2 {
 
 class Plugin : public plugin::Plugin {
 public:
@@ -16,7 +16,7 @@ public:
 		AddComponent(new ::file_analysis::Component("UNIFIED2", ::file_analysis::Unified2::Instantiate));
 
 		plugin::Configuration config;
-		config.name = "Bro::Unified2";
+		config.name = "Zeek::Unified2";
 		config.description = "Analyze Unified2 alert files.";
 		return config;
 		}

src/file_analysis/analyzer/x509/CMakeLists.txt

@@ -1,11 +1,11 @@
 
-include(BroPlugin)
+include(ZeekPlugin)
 
 include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}
                            ${CMAKE_CURRENT_BINARY_DIR})
 
-bro_plugin_begin(Bro X509)
-bro_plugin_cc(X509Common.cc X509.cc OCSP.cc Plugin.cc)
-bro_plugin_bif(events.bif types.bif functions.bif ocsp_events.bif)
-bro_plugin_pac(x509-extension.pac x509-signed_certificate_timestamp.pac)
-bro_plugin_end()
+zeek_plugin_begin(Zeek X509)
+zeek_plugin_cc(X509Common.cc X509.cc OCSP.cc Plugin.cc)
+zeek_plugin_bif(events.bif types.bif functions.bif ocsp_events.bif)
+zeek_plugin_pac(x509-extension.pac x509-signed_certificate_timestamp.pac)
+zeek_plugin_end()

src/file_analysis/analyzer/x509/Plugin.cc

@@ -7,7 +7,7 @@
 #include "OCSP.h"
 
 namespace plugin {
-namespace Bro_X509 {
+namespace Zeek_X509 {
 
 class Plugin : public plugin::Plugin {
 public:
@@ -18,7 +18,7 @@ public:
 		AddComponent(new ::file_analysis::Component("OCSP_REPLY", ::file_analysis::OCSP::InstantiateReply));
 
 		plugin::Configuration config;
-		config.name = "Bro::X509";
+		config.name = "Zeek::X509";
 		config.description = "X509 and OCSP analyzer";
 		return config;
 		}

src/file_analysis/analyzer/x509/X509.cc

@@ -481,7 +481,7 @@ Val* X509Val::DoClone(CloneState* state)
 	if ( certificate )
 		copy->certificate = X509_dup(certificate);
 
-	return copy;
+	return state->NewClone(this, copy);
 	}
 
 ::X509* X509Val::GetCertificate() const