Adding a test building a file analyzer plugin.

Also cleaning up, and moving, the other plugin tests.

testing/btest/Baseline/plugins.bifs-and-scripts/output

@@ -1,4 +1,4 @@
-Plugin: Demo::Foo - Caesar cipher rotating a string's characters by 13 places. (dynamic, version 1.0)
+Demo::Foo - Caesar cipher rotating a string's characters by 13 places. (dynamic, version 1.0)
     [Event] plugin_event
     [Function] hello_plugin_world
 

testing/btest/Baseline/plugins.file/output

@@ -0,0 +1,17 @@
+Demo::Foo - A Foo test analyzer (dynamic, version 1.0)
+    [File Analyzer] Foo (ANALYZER_FOO)
+    [Event] foo_piece
+
+===
+foo_piece, FGy9Oo9JLY8SFxMJ2, The National Center 
+foo_piece, FGy9Oo9JLY8SFxMJ2, net, consult your lo
+foo_piece, FGy9Oo9JLY8SFxMJ2, most everything else
+foo_piece, FGy9Oo9JLY8SFxMJ2, low:^J^J   /Mac       
+foo_piece, FGy9Oo9JLY8SFxMJ2, es and directories o
+foo_piece, FGy9Oo9JLY8SFxMJ2, r example, here is a
+foo_piece, FGy9Oo9JLY8SFxMJ2, application, StuffIt
+foo_piece, FGy9Oo9JLY8SFxMJ2, tion BinHex by doubl
+foo_piece, FGy9Oo9JLY8SFxMJ2, laced, or are going 
+foo_piece, FGy9Oo9JLY8SFxMJ2, sers several documen
+foo_piece, FGy9Oo9JLY8SFxMJ2, er or can be printed
+foo_piece, FGy9Oo9JLY8SFxMJ2,  ^J^JBug reports shoul

testing/btest/Baseline/plugins.protocol/output

@@ -1,4 +1,4 @@
-Plugin: Demo::Foo - A Foo test analyzer (dynamic, version 1.0)
+Demo::Foo - A Foo test analyzer (dynamic, version 1.0)
     [Analyzer] Foo (ANALYZER_FOO, enabled)
     [Event] foo_message
 

testing/btest/core/plugins/analyzer-plugin/src/Foo.cc

@@ -1,59 +0,0 @@
-
-#include "Foo.h"
-#include "foo_pac.h"
-#include "events.bif.h"
-
-#include <analyzer/protocol/tcp/TCP_Reassembler.h>
-
-using namespace analyzer::Foo;
-
-Foo_Analyzer::Foo_Analyzer(Connection* conn)
-: tcp::TCP_ApplicationAnalyzer("Foo", conn)
-	{
-	interp = new binpac::Foo::Foo_Conn(this);
-	}
-
-Foo_Analyzer::~Foo_Analyzer()
-	{
-	delete interp;
-	}
-
-void Foo_Analyzer::Done()
-	{
-	tcp::TCP_ApplicationAnalyzer::Done();
-
-	interp->FlowEOF(true);
-	interp->FlowEOF(false);
-	}
-
-void Foo_Analyzer::EndpointEOF(bool is_orig)
-	{
-	tcp::TCP_ApplicationAnalyzer::EndpointEOF(is_orig);
-	interp->FlowEOF(is_orig);
-	}
-
-void Foo_Analyzer::DeliverStream(int len, const u_char* data, bool orig)
-	{
-	tcp::TCP_ApplicationAnalyzer::DeliverStream(len, data, orig);
-
-	assert(TCP());
-
-	if ( TCP()->IsPartial() )
-		// punt on partial.
-		return;
-
-	try
-		{
-		interp->NewData(orig, data, data + len);
-		}
-	catch ( const binpac::Exception& e )
-		{
-		ProtocolViolation(fmt("Binpac exception: %s", e.c_msg()));
-		}
-	}
-
-void Foo_Analyzer::Undelivered(int seq, int len, bool orig)
-	{
-	tcp::TCP_ApplicationAnalyzer::Undelivered(seq, len, orig);
-	interp->NewGap(orig, len);
-	}

testing/btest/plugins/bifs-and-scripts.sh

@@ -1,7 +1,7 @@
 # @TEST-EXEC: ${DIST}/aux/bro-aux/plugin-support/init-plugin Demo Foo
 # @TEST-EXEC: bash %INPUT
 # @TEST-EXEC: make BRO=${DIST}
-# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` bro -NN | awk '/^Plugin:.*Demo/ {p=1; print; next} /^Plugin:/{p=0} p==1{print}' >>output
+# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` bro -NN Demo::Foo >>output
 
 # @TEST-EXEC: echo === >>output
 # @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` bro -r $TRACES/empty.trace >>output
@@ -18,8 +18,7 @@
 # @TEST-EXEC: echo === >>output
 # @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` bro -b ./activate.bro  demo/foo -r $TRACES/empty.trace >>output
 
-
-# @TEST-EXEC: btest-diff output
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff output
 
 cat >scripts/__load__.bro <<EOF
 @load ./demo/foo/base/at-startup.bro

testing/btest/plugins/file-plugin/CMakeLists.txt

@@ -0,0 +1,18 @@
+
+project(Bro-Plugin-Demo-Foo)
+
+cmake_minimum_required(VERSION 2.6.3)
+
+if ( NOT BRO_DIST )
+    message(FATAL_ERROR "BRO_DIST not set")
+endif ()
+
+set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake)
+
+include(BroPlugin)
+
+bro_plugin_begin(Demo Foo)
+bro_plugin_cc(src/Plugin.cc)
+bro_plugin_cc(src/Foo.cc)
+bro_plugin_bif(src/events.bif)
+bro_plugin_end()

testing/btest/plugins/file-plugin/src/Foo.cc

@@ -0,0 +1,26 @@
+
+#include "Foo.h"
+#include <events.bif.h>
+#include <file_analysis/Manager.h>
+
+using namespace plugin::Demo_Foo;
+
+Foo::Foo(RecordVal* args, file_analysis::File* file)
+    : file_analysis::Analyzer(file_mgr->GetComponentTag("FOO"), args, file)
+	{
+	}
+
+file_analysis::Analyzer* Foo::Instantiate(RecordVal* args, file_analysis::File* file)
+	{
+	return new Foo(args, file);
+	}
+
+bool Foo::DeliverStream(const u_char* data, uint64 len)
+	{
+	val_list* args = new val_list;
+	args->append(GetFile()->GetVal()->Ref());
+	args->append(new StringVal(new BroString(data, len, 0)));
+	mgr.QueueEvent(foo_piece, args);
+    return true;
+    }
+

testing/btest/plugins/file-plugin/src/Foo.h

@@ -0,0 +1,23 @@
+
+#ifndef BRO_PLUGIN_DEMO_FOO_H
+#define BRO_PLUGIN_DEMO_FOO_H
+
+#include <Val.h>
+#include <file_analysis/Analyzer.h>
+
+namespace plugin {
+namespace Demo_Foo {
+
+class Foo : public file_analysis::Analyzer {
+public:
+	virtual bool DeliverStream(const u_char* data, uint64 len);
+
+	static file_analysis::Analyzer* Instantiate(RecordVal* args, file_analysis::File* file);
+
+protected:
+	Foo(RecordVal* args, file_analysis::File* file);
+};
+
+} }
+
+#endif

testing/btest/plugins/file-plugin/src/Plugin.cc

@@ -0,0 +1,25 @@
+
+#include <plugin/Plugin.h>
+
+#include "Foo.h"
+
+namespace plugin {
+namespace Demo_Foo {
+
+class Plugin : public plugin::Plugin {
+public:
+	plugin::Configuration Configure()
+		{
+        AddComponent(new ::file_analysis::Component("Foo", ::plugin::Demo_Foo::Foo::Instantiate));
+
+		plugin::Configuration config;
+		config.name = "Demo::Foo";
+		config.description = "A Foo test analyzer";
+		config.version.major = 1;
+		config.version.minor = 0;
+		return config;
+		}
+} plugin;
+
+}
+}

testing/btest/plugins/file-plugin/src/events.bif

@@ -0,0 +1,2 @@
+
+event foo_piece%(f: fa_file, data: string%);

testing/btest/plugins/file.bro

@@ -0,0 +1,18 @@
+# @TEST-EXEC: ${DIST}/aux/bro-aux/plugin-support/init-plugin Demo Foo
+# @TEST-EXEC: cp -r %DIR/file-plugin/* .
+# @TEST-EXEC: make BRO=${DIST}
+# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` bro -NN Demo::Foo >>output
+# @TEST-EXEC: echo === >>output
+# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` bro -r $TRACES/ftp/retr.trace %INPUT >>output
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff output
+
+event file_new(f: fa_file)
+    {
+    Files::add_analyzer(f, Files::ANALYZER_FOO);
+    }
+    
+event foo_piece(f: fa_file, data: string)
+	{
+	print "foo_piece", f$id, sub_bytes(data, 0, 20);
+	}
+

testing/btest/plugins/protocol-plugin/src/Foo.cc

@@ -0,0 +1,59 @@
+
+#include "Foo.h"
+#include "foo_pac.h"
+#include "events.bif.h"
+
+#include <analyzer/protocol/tcp/TCP_Reassembler.h>
+
+using namespace plugin::Demo_Foo;
+
+Foo::Foo(Connection* conn)
+    : analyzer::tcp::TCP_ApplicationAnalyzer("Foo", conn)
+	{
+	interp = new binpac::Foo::Foo_Conn(this);
+	}
+
+Foo::~Foo()
+	{
+	delete interp;
+	}
+
+void Foo::Done()
+	{
+	analyzer::tcp::TCP_ApplicationAnalyzer::Done();
+
+	interp->FlowEOF(true);
+	interp->FlowEOF(false);
+	}
+
+void Foo::EndpointEOF(bool is_orig)
+	{
+	analyzer::tcp::TCP_ApplicationAnalyzer::EndpointEOF(is_orig);
+	interp->FlowEOF(is_orig);
+	}
+
+void Foo::DeliverStream(int len, const u_char* data, bool orig)
+	{
+	analyzer::tcp::TCP_ApplicationAnalyzer::DeliverStream(len, data, orig);
+
+	assert(TCP());
+
+	if ( TCP()->IsPartial() )
+		// punt on partial.
+		return;
+
+	try
+		{
+		interp->NewData(orig, data, data + len);
+		}
+	catch ( const binpac::Exception& e )
+		{
+		ProtocolViolation(fmt("Binpac exception: %s", e.c_msg()));
+		}
+	}
+
+void Foo::Undelivered(int seq, int len, bool orig)
+	{
+	analyzer::tcp::TCP_ApplicationAnalyzer::Undelivered(seq, len, orig);
+	interp->NewGap(orig, len);
+	}

testing/btest/plugins/protocol-plugin/src/Foo.h

@@ -7,12 +7,13 @@
 
 namespace binpac  { namespace Foo { class Foo_Conn; } }
 
-namespace analyzer { namespace Foo {
+namespace plugin {
+namespace Demo_Foo {
 
-class Foo_Analyzer : public tcp::TCP_ApplicationAnalyzer {
+class Foo : public analyzer::tcp::TCP_ApplicationAnalyzer {
 public:
-	Foo_Analyzer(Connection* conn);
-	~Foo_Analyzer();
+	Foo(Connection* conn);
+	~Foo();
 
 	virtual void Done();
 	virtual void DeliverStream(int len, const u_char* data, bool orig);
@@ -20,12 +21,12 @@ public:
 	virtual void EndpointEOF(bool is_orig);
 
 	static analyzer::Analyzer* Instantiate(Connection* conn)
-		{ return new Foo_Analyzer(conn); }
+		{ return new Foo(conn); }
 
 protected:
 	binpac::Foo::Foo_Conn* interp;
 };
 
-} } // namespace analyzer::* 
+} }
 
 #endif

testing/btest/plugins/protocol-plugin/src/Plugin.cc

@@ -10,7 +10,7 @@ class Plugin : public plugin::Plugin {
 public:
 	plugin::Configuration Configure()
 		{
-		AddComponent(new ::analyzer::Component("Foo", ::analyzer::Foo::Foo_Analyzer::Instantiate));
+		AddComponent(new ::analyzer::Component("Foo", plugin::Demo_Foo::Foo::Instantiate));
 
 		plugin::Configuration config;
 		config.name = "Demo::Foo";

testing/btest/plugins/protocol.bro

@@ -1,10 +1,10 @@
 # @TEST-EXEC: ${DIST}/aux/bro-aux/plugin-support/init-plugin Demo Foo
-# @TEST-EXEC: cp -r %DIR/analyzer-plugin/* .
+# @TEST-EXEC: cp -r %DIR/protocol-plugin/* .
 # @TEST-EXEC: make BRO=${DIST}
-# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` bro -NN | awk '/^Plugin:.*Demo/ {p=1; print; next} /^Plugin:/{p=0} p==1{print}' >>output
+# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` bro -NN Demo::Foo >>output
 # @TEST-EXEC: echo === >>output
 # @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` bro -r $TRACES/port4242.trace %INPUT >>output
-# @TEST-EXEC: btest-diff output
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff output
 
 event foo_message(c: connection, data: string)
 	{