Merge remote-tracking branch 'origin/topic/seth/zeek_init'

* origin/topic/seth/zeek_init:
  Some more testing fixes.
  Update docs and tests for bro_(init|done) -> zeek_(init|done)
  Implement the zeek_init handler.

testing/btest/scripts/base/protocols/http/content-range-gap-skip.zeek

@@ -19,7 +19,7 @@ event content_gap(c: connection, is_orig: bool, seq: count, length: count)
 	got_gap = T;
 	}
 
-event bro_done()
+event zeek_done()
 	{
 	if ( ! got_data_after_gap )
 		exit(1);

testing/btest/scripts/base/protocols/http/http-pipelining.zeek

@@ -2,7 +2,7 @@
 # @TEST-EXEC: btest-diff http.log
 
 # mime type is irrelevant to this test, so filter it out
-event bro_init()
+event zeek_init()
 	{
 	Log::remove_default_filter(HTTP::LOG);
 	Log::add_filter(HTTP::LOG, [$name="less-mime-types", $exclude=set("mime_type")]);

testing/btest/scripts/base/protocols/irc/basic.test

@@ -6,7 +6,7 @@
 # @TEST-EXEC: btest-diff conn.log
 
 # dcc mime types are irrelevant to this test, so filter it out
-event bro_init()
+event zeek_init()
 	{
 	Log::remove_default_filter(IRC::LOG);
 	Log::add_filter(IRC::LOG, [$name="remove-mime", $exclude=set("dcc_mime_type")]);

testing/btest/scripts/base/protocols/krb/smb2_krb.test

@@ -11,7 +11,7 @@
 redef KRB::keytab = "smb2_krb.keytab";
 global monitor_ports: set[port] = { 445/tcp, 139/tcp } &redef;
 
-event bro_init() &priority=5{
+event zeek_init() &priority=5{
 	Analyzer::register_for_ports(Analyzer::ANALYZER_SMB, monitor_ports);
 }
 

testing/btest/scripts/base/protocols/krb/smb2_krb_nokeytab.test

@@ -10,7 +10,7 @@
 
 global monitor_ports: set[port] = { 445/tcp, 139/tcp } &redef;
 
-event bro_init() &priority=5{
+event zeek_init() &priority=5{
 	Analyzer::register_for_ports(Analyzer::ANALYZER_SMB, monitor_ports);
 }
 

testing/btest/scripts/base/protocols/mount/basic.test

@@ -4,7 +4,7 @@
 global mount_ports: set[port] = { 635/tcp, 635/udp, 20048/tcp, 20048/udp } &redef;
 redef ignore_checksums = T;
 
-event bro_init()
+event zeek_init()
 	{
 	Analyzer::register_for_ports(Analyzer::ANALYZER_MOUNT, mount_ports);
 	Analyzer::enable_analyzer(Analyzer::ANALYZER_MOUNT);

testing/btest/scripts/base/protocols/ncp/event.zeek

@@ -3,7 +3,7 @@
 
 redef likely_server_ports += { 524/tcp };
 
-event bro_init()
+event zeek_init()
 	{
 	const ports = { 524/tcp };
 	Analyzer::register_for_ports(Analyzer::ANALYZER_NCP, ports);

testing/btest/scripts/base/protocols/ncp/frame_size_tuning.zeek

@@ -3,7 +3,7 @@
 
 redef likely_server_ports += { 524/tcp };
 
-event bro_init()
+event zeek_init()
 	{
 	const ports = { 524/tcp };
 	Analyzer::register_for_ports(Analyzer::ANALYZER_NCP, ports);

testing/btest/scripts/base/protocols/nfs/basic.test

@@ -4,7 +4,7 @@
 global nfs_ports: set[port] = { 2049/tcp, 2049/udp } &redef;
 redef ignore_checksums = T;
 
-event bro_init()
+event zeek_init()
 	{
 	Analyzer::register_for_ports(Analyzer::ANALYZER_NFS, nfs_ports);
 	Analyzer::enable_analyzer(Analyzer::ANALYZER_NFS);

testing/btest/scripts/base/protocols/pop3/starttls.zeek

@@ -14,7 +14,7 @@ const ports = {
 };
 redef likely_server_ports += { ports };
 
-event bro_init() &priority=5
+event zeek_init() &priority=5
 	{
 	Analyzer::register_for_ports(Analyzer::ANALYZER_POP3, ports);
 	}

testing/btest/scripts/base/protocols/smb/disabled-dce-rpc.test

@@ -6,7 +6,7 @@
 # The DCE_RPC analyzer is a little weird since it's instantiated
 # by the SMB analyzer directly in some cases.  Care needs to be
 # taken to handle a disabled analyzer correctly.
-event bro_init()
+event zeek_init()
 	{
 	Analyzer::disable_analyzer(Analyzer::ANALYZER_DCE_RPC);
 	}

testing/btest/scripts/base/protocols/ssl/dpd.test

@@ -9,7 +9,7 @@
 @load base/frameworks/signatures
 @load-sigs base/protocols/ssl/dpd.sig
 
-event bro_init()
+event zeek_init()
   {
 	print "Start test run";
 	}

testing/btest/scripts/base/protocols/ssl/dtls-no-dtls.test

@@ -3,7 +3,7 @@
 # @TEST-EXEC: bro -C -r $TRACES/dns-txt-multiple.trace %INPUT
 # @TEST-EXEC: btest-diff .stdout
 
-event bro_init()
+event zeek_init()
 	{
 	const add_ports = { 53/udp };
 	Analyzer::register_for_ports(Analyzer::ANALYZER_DTLS, add_ports);

testing/btest/scripts/base/protocols/ssl/ocsp-http-get.test

@@ -6,7 +6,7 @@
 
 @load files/x509/log-ocsp
 
-event bro_init()
+event zeek_init()
 	{
 	Files::register_for_mime_type(Files::ANALYZER_OCSP_REQUEST, "application/ocsp-request");
 	Files::register_for_mime_type(Files::ANALYZER_OCSP_REPLY, "application/ocsp-response");

testing/btest/scripts/base/protocols/ssl/ocsp-request-only.test

@@ -5,7 +5,7 @@
 
 @load files/x509/log-ocsp
 
-event bro_init()
+event zeek_init()
 	{
 	Files::register_for_mime_type(Files::ANALYZER_OCSP_REQUEST, "application/ocsp-request");
 	Files::register_for_mime_type(Files::ANALYZER_OCSP_REPLY, "application/ocsp-response");

testing/btest/scripts/base/protocols/ssl/ocsp-request-response.test

@@ -6,7 +6,7 @@
 
 @load files/x509/log-ocsp
 
-event bro_init()
+event zeek_init()
 	{
 	Files::register_for_mime_type(Files::ANALYZER_OCSP_REQUEST, "application/ocsp-request");
 	Files::register_for_mime_type(Files::ANALYZER_OCSP_REPLY, "application/ocsp-response");

testing/btest/scripts/base/protocols/ssl/ocsp-response-only.test

@@ -6,7 +6,7 @@
 
 @load files/x509/log-ocsp
 
-event bro_init()
+event zeek_init()
 	{
 	Files::register_for_mime_type(Files::ANALYZER_OCSP_REQUEST, "application/ocsp-request");
 	Files::register_for_mime_type(Files::ANALYZER_OCSP_REPLY, "application/ocsp-response");

testing/btest/scripts/base/protocols/ssl/ocsp-revoked.test

@@ -6,7 +6,7 @@
 
 @load files/x509/log-ocsp
 
-event bro_init()
+event zeek_init()
 	{
 	Files::register_for_mime_type(Files::ANALYZER_OCSP_REQUEST, "application/ocsp-request");
 	Files::register_for_mime_type(Files::ANALYZER_OCSP_REPLY, "application/ocsp-response");