From c43bc52e18080d7630cdac7deb88d0cd54774eb7 Mon Sep 17 00:00:00 2001
From: Benjamin Bannier
Date: Tue, 10 Oct 2023 12:32:45 +0200
Subject: [PATCH] Name `LDAP::Message` and `LDAP::Search` `*Info`
---
 scripts/base/protocols/ldap/main.zeek | 18 ++++++++----------
 .../coverage.record-fields/out.default | 8 ++++----
 .../base/protocols/ldap/log_policy.zeek | 4 ++--
 3 files changed, 14 insertions(+), 16 deletions(-)
diff --git a/scripts/base/protocols/ldap/main.zeek b/scripts/base/protocols/ldap/main.zeek
index 7c09049d1b..c0067b702a 100644
--- a/scripts/base/protocols/ldap/main.zeek
+++ b/scripts/base/protocols/ldap/main.zeek
@@ -29,8 +29,7 @@ export {
 #############################################################################
 # This is the format of ldap.log (ldap operations minus search-related)
 # Each line represents a unique connection+message_id (requests/responses)
- type Message: record {
-
+ type MessageInfo: record {
 # Timestamp for when the event happened.
 ts: time &log;
@@ -68,8 +67,7 @@ export {
 #############################################################################
 # This is the format of ldap_search.log (search-related messages only)
 # Each line represents a unique connection+message_id (requests/responses)
- type Search: record {
-
+ type SearchInfo: record {
 # Timestamp for when the event happened.
 ts: time &log;
@@ -110,8 +108,8 @@ export {
 # Event that can be handled to access the ldap record as it is sent on
 # to the logging framework.
- global log_ldap: event(rec: LDAP::Message);
- global log_ldap_search: event(rec: LDAP::Search);
+ global log_ldap: event(rec: LDAP::MessageInfo);
+ global log_ldap_search: event(rec: LDAP::SearchInfo);
 # Event called for each LDAP message (either direction)
 global LDAP::message: event(c: connection,
@@ -262,8 +260,8 @@ global OPCODES_SEARCH: set[LDAP::ProtocolOpcode] = { LDAP::ProtocolOpcode_SEARCH
 #############################################################################
 redef record connection += {
 ldap_proto: string &optional;
- ldap_messages: table[int] of Message &optional;
- ldap_searches: table[int] of Search &optional;
+ ldap_messages: table[int] of MessageInfo &optional;
+ ldap_searches: table[int] of SearchInfo &optional;
 };
 #############################################################################
@@ -271,8 +269,8 @@ event zeek_init() &priority=5 {
 Analyzer::register_for_ports(Analyzer::ANALYZER_LDAP_TCP, LDAP::ports_tcp);
 Analyzer::register_for_ports(Analyzer::ANALYZER_LDAP_UDP, LDAP::ports_udp);
- Log::create_stream(LDAP::LDAP_LOG, [$columns=Message, $ev=log_ldap, $path="ldap", $policy=log_policy]);
- Log::create_stream(LDAP::LDAP_SEARCH_LOG, [$columns=Search, $ev=log_ldap_search, $path="ldap_search", $policy=log_policy_search]);
+ Log::create_stream(LDAP::LDAP_LOG, [$columns=MessageInfo, $ev=log_ldap, $path="ldap", $policy=log_policy]);
+ Log::create_stream(LDAP::LDAP_SEARCH_LOG, [$columns=SearchInfo, $ev=log_ldap_search, $path="ldap_search", $policy=log_policy_search]);
 }
 #############################################################################
diff --git a/testing/btest/Baseline/coverage.record-fields/out.default b/testing/btest/Baseline/coverage.record-fields/out.default
index 68d049e536..57eb1712bc 100644
--- a/testing/btest/Baseline/coverage.record-fields/out.default
+++ b/testing/btest/Baseline/coverage.record-fields/out.default
@@ -360,8 +360,8 @@ connection {
 * ts: time, log=T, optional=F
 * uid: string, log=T, optional=F
 }
- * ldap_messages: table[int] of record LDAP::Message, log=F, optional=T
- LDAP::Message {
+ * ldap_messages: table[int] of record LDAP::MessageInfo, log=F, optional=T
+ LDAP::MessageInfo {
 * argument: vector of string, log=T, optional=T
 * diagnostic_message: vector of string, log=T, optional=T
 * id: record conn_id, log=T, optional=F
@@ -376,8 +376,8 @@ connection {
 * version: int, log=T, optional=T
 }
 * ldap_proto: string, log=F, optional=T
- * ldap_searches: table[int] of record LDAP::Search, log=F, optional=T
- LDAP::Search {
+ * ldap_searches: table[int] of record LDAP::SearchInfo, log=F, optional=T
+ LDAP::SearchInfo {
 * attributes: vector of string, log=T, optional=T
 * base_object: vector of string, log=T, optional=T
 * deref: set[string], log=T, optional=T
diff --git a/testing/btest/scripts/base/protocols/ldap/log_policy.zeek b/testing/btest/scripts/base/protocols/ldap/log_policy.zeek
index 6a9b0d6f14..b12adc8ebd 100644
--- a/testing/btest/scripts/base/protocols/ldap/log_policy.zeek
+++ b/testing/btest/scripts/base/protocols/ldap/log_policy.zeek
@@ -10,12 +10,12 @@
 #
 # @TEST-DOC: Test LDAP analyzer with small trace using logging policies.
-hook LDAP::log_policy(rec: LDAP::Message, id: Log::ID, filter: Log::Filter)
+hook LDAP::log_policy(rec: LDAP::MessageInfo, id: Log::ID, filter: Log::Filter)
 {
 break;
 }
-hook LDAP::log_policy_search(rec: LDAP::Search, id: Log::ID,
+hook LDAP::log_policy_search(rec: LDAP::SearchInfo, id: Log::ID,
 filter: Log::Filter)
 {
 break;