Merge remote-tracking branch 'origin/topic/jsiwek/zeek-script-args'

* origin/topic/jsiwek/zeek-script-args:
  Improve zeek_script_args test case and documentation
  Apply suggestions from code review
  Add a test for script args.
  Fixed an option processing bug
  Make it possible to pass command line options through to scripts.

CHANGES

@@ -1,4 +1,15 @@
 
+3.3.0-dev.409 | 2020-10-13 13:32:18 -0700
+
+  * Make it possible to pass command line options through to scripts. (Seth Hall, Corelight)
+
+    A new ``zeek_script_args`` variable contains a list of arguments passed
+    to a script.  E.g. either when explicitly executing Zeek like
+    ``zeek -- myscript.zeek -arg1 -arg2``, or when using Zeek to interpret
+    executable scripts that contain a hashbang line at the top like::
+
+      #!/usr/local/zeek/bin/zeek --
+
 3.3.0-dev.403 | 2020-10-13 10:50:12 -0700
 
   * Add new Pcap::findalldevs() BIF (Seth Hall, Corelight)

NEWS

@@ -37,7 +37,7 @@ New Functionality
 - Added a ``udp-state`` signature condition to enforce matching against
   either "originator" or "responder" flow direction of UDP packets.
 
-- Improvements to catpure-loss.zeek:
+- Improvements to capture-loss.zeek:
 
   - A new option, ``CaptureLoss::initial_watch_interval``.  When restarting a
     Zeek cluster, one usually wants some immediate feedback as to the health of
@@ -54,6 +54,13 @@ New Functionality
     capture-loss.zeek would have previously only reported that "0 gaps and 0
     ACKs is 0% loss".
 
+- A new ``zeek_script_args`` variable contains a list of arguments passed
+  to a script.  E.g. either when explicitly executing Zeek like
+  ``zeek -- myscript.zeek -arg1 -arg2``, or when using Zeek to interpret
+  executable scripts that contain a hashbang line at the top like::
+
+    #!/usr/local/zeek/bin/zeek --
+
 Changed Functionality
 ---------------------
 

VERSION

@@ -1 +1 @@
-3.3.0-dev.403
+3.3.0-dev.409

scripts/base/init-bare.zeek

@@ -454,6 +454,18 @@ type connection: record {
 	inner_vlan: int &optional;
 };
 
+## Arguments given to Zeek from the command line. In order to use this, Zeek
+## must use a ``--`` command line argument immediately followed by a script
+## file and additional arguments after that. For example::
+##
+##   zeek --bare-mode -- myscript.zeek -a -b -c
+##
+## To use Zeek as an executable interpreter, include a line at the top of a script
+## like the following and make the script executable::
+##
+##   #!/usr/local/zeek/bin/zeek --
+const zeek_script_args: vector of string = vector();
+
 ## Default amount of time a file can be inactive before the file analysis
 ## gives up and discards any internal state related to the file.
 option default_file_timeout_interval: interval = 2 mins;

src/Options.cc

@@ -5,6 +5,7 @@
 #include "Options.h"
 
 #include <algorithm>
+#include <sstream>
 
 #include <unistd.h>
 
@@ -186,8 +187,48 @@ Options parse_cmdline(int argc, char** argv)
 		}
 	else
 		{
-		for ( auto i = 0; i < argc; ++i )
-			zeek_args.emplace_back(argv[i]);
+		if ( argc > 1 )
+			{
+			auto endsWith = [](const std::string& str, const std::string& suffix)
+				{
+				return str.size() >= suffix.size() && 0 == str.compare(str.size()-suffix.size(), suffix.size(), suffix);
+				};
+
+			auto i = 0;
+			for ( ; i < argc && ! endsWith(argv[i], "--"); ++i )
+				{
+				zeek_args.emplace_back(argv[i]);
+				}
+
+			if ( i < argc )
+				{
+				// If a script is invoked with Zeek as the interpreter, the arguments provided
+				// directly in the interpreter line of the script won't be broken apart in the 
+				// argv on Linux so we split it up here.
+				if ( endsWith(argv[i], "--") && zeek_args.size() == 1 )
+					{
+					std::istringstream iss(argv[i]);
+					for ( std::string s; iss >> s; )
+						{
+						if ( ! endsWith(s, "--") )
+							{
+							zeek_args.emplace_back(s);
+							}
+						}
+					}
+
+				// There is an additional increment here to skip over the "--" if it was found.
+				if ( endsWith(argv[i], "--") )
+					++i;
+
+				// The first argument after the double hyphens in implicitly a script name.
+				rval.scripts_to_load.emplace_back(argv[i++]);
+
+				// If there are more argument, grab them for script arguments
+				for ( ; i < argc; ++i )
+					rval.script_args.emplace_back(argv[i]);
+				}
+			}
 		}
 
 	constexpr struct option long_opts[] = {

src/Options.h

@@ -74,6 +74,8 @@ struct Options {
 	std::set<std::string> plugins_to_load;
 	std::vector<std::string> scripts_to_load;
 	std::vector<std::string> script_options_to_set;
+
+	std::vector<std::string> script_args;
 };
 
 /**

src/zeek-setup.cc

@@ -660,6 +660,16 @@ SetupResult setup(int argc, char** argv, Options* zopts)
 	init_net_var();
 	run_bif_initializers();
 
+	// Assign the script_args for command line processing in Zeek scripts.
+	if ( ! options.script_args.empty() )
+		{
+		auto script_args_val = id::find_val<VectorVal>("zeek_script_args");
+		for ( const string& script_arg : options.script_args )
+			{
+			script_args_val->Assign(script_args_val->Size(), make_intrusive<StringVal>(script_arg));
+			}
+		}
+
 	// Must come after plugin activation (and also after hash
 	// initialization).
 	binpac::FlowBuffer::Policy flowbuffer_policy;

testing/btest/Baseline/core.script-args/out

@@ -0,0 +1,2 @@
+[-a, -b, -c]
+[-d, -e, -f]

testing/btest/core/script-args.zeek

@@ -0,0 +1,14 @@
+# @TEST-EXEC: printf '#!' > test.zeek
+# @TEST-EXEC: printf "$BUILD/src/zeek -b --\n" >> test.zeek
+# @TEST-EXEC: cat %INPUT >> test.zeek
+# @TEST-EXEC: chmod u+x test.zeek
+
+# @TEST-EXEC: zeek -b -- %INPUT -a -b -c >out
+# @TEST-EXEC: $(dirname %INPUT)/test.zeek -d -e -f >>out
+
+# @TEST-EXEC: btest-diff out
+
+event zeek_init()
+	{
+	print zeek_script_args;
+	}