Merge remote-tracking branch 'origin/topic/seth/zeek_init'

* origin/topic/seth/zeek_init: Some more testing fixes. Update docs and tests for bro_(init|done) -> zeek_(init|done) Implement the zeek_init handler.
2025-10-10 10:38:20 +00:00 · 2019-04-19 11:16:35 -07:00 · 2019-04-19 11:16:35 -07:00 · a994be9eeb
commit a994be9eeb
parent 9421ee0293 9d676d368b
628 changed files with 868 additions and 1082 deletions
--- a/src/Net.cc
+++ b/src/Net.cc
@ -188,7 +188,7 @@ void net_init(name_list& interfaces, name_list& readfiles,
 	else
 		// have_pending_timers = 1, possibly.  We don't set
 		// that here, though, because at this point we don't know
-		// whether the user's bro_init() event will indeed set
+		// whether the user's zeek_init() event will indeed set
 		// a timer.
 		reading_traces = reading_live = 0;

--- a/src/Val.cc
+++ b/src/Val.cc
@ -2319,7 +2319,7 @@ void TableVal::DoExpire(double t)
 		if ( v->ExpireAccessTime() == 0 )
 			{
 			// This happens when we insert val while network_time
-			// hasn't been initialized yet (e.g. in bro_init()), and
+			// hasn't been initialized yet (e.g. in zeek_init()), and
 			// also when bro_start_network_time hasn't been initialized
 			// (e.g. before first packet).  The expire_access_time is
 			// correct, so we just need to wait.
--- a/src/analyzer/Manager.cc
+++ b/src/analyzer/Manager.cc
@ -113,7 +113,7 @@ void Manager::InitPostScript()
 void Manager::DumpDebug()
 	{
 #ifdef DEBUG
-	DBG_LOG(DBG_ANALYZER, "Available analyzers after bro_init():");
+	DBG_LOG(DBG_ANALYZER, "Available analyzers after zeek_init():");
 	list<Component*> all_analyzers = GetComponents();
 	for ( list<Component*>::const_iterator i = all_analyzers.begin(); i != all_analyzers.end(); ++i )
 		DBG_LOG(DBG_ANALYZER, "    %s (%s)", (*i)->Name().c_str(),
--- a/src/analyzer/Manager.h
+++ b/src/analyzer/Manager.h
@ -78,10 +78,10 @@ public:

 	/**
 	 * Dumps out the state of all registered analyzers to the \c analyzer
-	 * debug stream. Should be called only after any \c bro_init events
+	 * debug stream. Should be called only after any \c zeek_init events
 	 * have executed to ensure that any of their changes are applied.
 	 */
-	void DumpDebug(); // Called after bro_init() events.
+	void DumpDebug(); // Called after zeek_init() events.

 	/**
 	 * Enables an analyzer type. Only enabled analyzers will be
--- a/src/analyzer/protocol/tcp/events.bif
+++ b/src/analyzer/protocol/tcp/events.bif
@ -151,7 +151,7 @@ event connection_reset%(c: connection%);
 ##    connection_first_ACK connection_half_finished connection_partial_close
 ##    connection_rejected connection_reset connection_reused connection_state_remove
 ##    connection_status_update connection_timeout scheduled_analyzer_applied
-##    new_connection new_connection_contents partial_connection bro_done
+##    new_connection new_connection_contents partial_connection zeek_done
 event connection_pending%(c: connection%);

 ## Generated for a SYN packet. Bro raises this event for every SYN packet seen
--- a/src/bro.bif
+++ b/src/bro.bif
@ -2994,8 +2994,8 @@ function uuid_to_string%(uuid: string%): string
 ##
 ## .. note::
 ##
-##      This function must be called at Bro startup time, e.g., in the event
-##      :bro:id:`bro_init`.
+##      This function must be called at Zeek startup time, e.g., in the event
+##      :bro:id:`zeek_init`.
 function merge_pattern%(p1: pattern, p2: pattern%): pattern &deprecated
 	%{
 	RE_Matcher* re = new RE_Matcher();
@ -3061,8 +3061,8 @@ function convert_for_pattern%(s: string%): string
 ##
 ## .. note::
 ##
-##      This function must be called at Bro startup time, e.g., in the event
-##      :bro:id:`bro_init`.
+##      This function must be called at Zeek startup time, e.g., in the event
+##      :bro:id:`zeek_init`.
 function string_to_pattern%(s: string, convert: bool%): pattern
 	%{
 	const char* ss = (const char*) (s->Bytes());
@ -4953,7 +4953,7 @@ function enable_communication%(%): any &deprecated
 	%{
 	if ( bro_start_network_time != 0.0 )
 		{
-		builtin_error("communication must be enabled in bro_init");
+		builtin_error("communication must be enabled in zeek_init");
 		return 0;
 		}

--- a/src/broker/Manager.cc
+++ b/src/broker/Manager.cc
@ -138,7 +138,7 @@ Manager::Manager(bool arg_reading_pcaps)
 	{
 	bound_port = 0;
 	reading_pcaps = arg_reading_pcaps;
-	after_bro_init = false;
+	after_zeek_init = false;
 	peer_count = 0;
 	log_topic_func = nullptr;
 	vector_of_data_type = nullptr;
@ -772,7 +772,7 @@ RecordVal* Manager::MakeEvent(val_list* args, Frame* frame)
 bool Manager::Subscribe(const string& topic_prefix)
 	{
 	DBG_LOG(DBG_BROKER, "Subscribing to topic prefix %s", topic_prefix.c_str());
-	bstate->subscriber.add_topic(topic_prefix, ! after_bro_init);
+	bstate->subscriber.add_topic(topic_prefix, ! after_zeek_init);
 	return true;
 	}

@ -799,7 +799,7 @@ bool Manager::Unsubscribe(const string& topic_prefix)
 			}

 	DBG_LOG(DBG_BROKER, "Unsubscribing from topic prefix %s", topic_prefix.c_str());
-	bstate->subscriber.remove_topic(topic_prefix, ! after_bro_init);
+	bstate->subscriber.remove_topic(topic_prefix, ! after_zeek_init);
 	return true;
 	}

--- a/src/broker/Manager.h
+++ b/src/broker/Manager.h
@ -66,8 +66,8 @@ public:
 	 */
 	void InitPostScript();

-	void BroInitDone()
-		{ after_bro_init = true; }
+	void ZeekInitDone()
+		{ after_zeek_init = true; }

 	/**
 	 * Shuts Broker down at termination.
@ -380,7 +380,7 @@ private:

 	uint16_t bound_port;
 	bool reading_pcaps;
-	bool after_bro_init;
+	bool after_zeek_init;
 	int peer_count;

 	Func* log_topic_func;
--- a/src/event.bif
+++ b/src/event.bif
@ -30,36 +30,46 @@
 #
 #         - .. todo::

-## Generated at Bro initialization time. The event engine generates this
+## Generated at Zeek initialization time. The event engine generates this
 ## event just before normal input processing begins. It can be used to execute
-## one-time initialization code at startup. At the time a handler runs, Bro will
+## one-time initialization code at startup. At the time a handler runs, Zeek will
 ## have executed any global initializations and statements.
 ##
-## .. bro:see:: bro_done
+## .. bro:see:: zeek_done
 ##
 ## .. note::
 ##
-##    When a ``bro_init`` handler executes, Bro has not yet seen any input
+##    When a ``zeek_init`` handler executes, Zeek has not yet seen any input
 ##    packets and therefore :bro:id:`network_time` is not initialized yet. An
-##    artifact of that is that any timer installed in a ``bro_init`` handler
+##    artifact of that is that any timer installed in a ``zeek_init`` handler
 ##    will fire immediately with the first packet. The standard way to work
 ##    around that is to ignore the first time the timer fires and immediately
 ##    reschedule.
 ##
-event bro_init%(%);
+event zeek_init%(%);

-## Generated at Bro termination time. The event engine generates this event when
-## Bro is about to terminate, either due to having exhausted reading its input
-## trace file(s), receiving a termination signal, or because Bro was run without
+## Deprecated synonym for ``zeek_init``.
+##
+## .. bro:see: zeek_init
+event bro_init%(%) &deprecated;
+
+## Generated at Zeek termination time. The event engine generates this event when
+## Zeek is about to terminate, either due to having exhausted reading its input
+## trace file(s), receiving a termination signal, or because Zeek was run without
 ## a network input source and has finished executing any global statements.
 ##
-## .. bro:see:: bro_init
+## .. bro:see:: zeek_init
 ##
 ## .. note::
 ##
-##    If Bro terminates due to an invocation of :bro:id:`exit`, then this event
+##    If Zeek terminates due to an invocation of :bro:id:`exit`, then this event
 ##    is not generated.
-event bro_done%(%);
+event zeek_done%(%);
+
+## Deprecated synonym for ``zeek_done``.
+##
+## .. bro:see: zeek_done
+event bro_done%(%) &deprecated;

 ## Generated for every new connection. This event is raised with the first
 ## packet of a previously unknown connection. Bro uses a flow-based definition
--- a/src/main.cc
+++ b/src/main.cc
@ -339,9 +339,9 @@ void terminate_bro()

 	brofiler.WriteStats();

-	EventHandlerPtr bro_done = internal_handler("bro_done");
-	if ( bro_done )
-		mgr.QueueEvent(bro_done, new val_list);
+	EventHandlerPtr zeek_done = internal_handler("zeek_done");
+	if ( zeek_done )
+		mgr.QueueEvent(zeek_done, new val_list);

 	timer_mgr->Expire();
 	mgr.Drain();
@ -1136,9 +1136,9 @@ int main(int argc, char** argv)
 		// we don't have any other source for it.
 		net_update_time(current_time());

-	EventHandlerPtr bro_init = internal_handler("bro_init");
-	if ( bro_init )	//### this should be a function
-		mgr.QueueEvent(bro_init, new val_list);
+	EventHandlerPtr zeek_init = internal_handler("zeek_init");
+	if ( zeek_init )	//### this should be a function
+		mgr.QueueEvent(zeek_init, new val_list);

 	EventRegistry::string_list* dead_handlers =
 		event_registry->UnusedHandlers();
@ -1204,7 +1204,7 @@ int main(int argc, char** argv)
 	if ( reporter->Errors() > 0 && ! getenv("ZEEK_ALLOW_INIT_ERRORS") )
 		reporter->FatalError("errors occurred while initializing");

-	broker_mgr->BroInitDone();
+	broker_mgr->ZeekInitDone();
 	analyzer_mgr->DumpDebug();

 	have_pending_timers = ! reading_traces && timer_mgr->Size() > 0;
--- a/src/parse.y
+++ b/src/parse.y
@ -1171,6 +1171,12 @@ func_hdr:
 			}
 	|	TOK_EVENT event_id func_params opt_attr
 			{
+			// Gracefully handle the deprecation of bro_init and bro_done
+			if ( streq("bro_init", $2->Name()) )
+				$2 = global_scope()->Lookup("zeek_init");
+			else if ( streq("bro_done", $2->Name()) )
+				$2 = global_scope()->Lookup("zeek_done");
+
 			begin_func($2, current_module.c_str(),
 				   FUNC_FLAVOR_EVENT, 0, $3, $4);
 			$$ = $3;