Additional Bro to Zeek renaming

Most of these changes are either cmake-related or plugin-related.
Added a new test "plugins/legacy.zeek" to test that legacy Bro plugins
still work.

Also added a symlink bro-path-dev.in because some legacy Bro packages
won't install without it.

.travis.yml

@@ -16,10 +16,10 @@ branches:
 notifications:
   email:
     recipients:
-    - bro-commits-internal@bro.org
+    - zeek-commits-internal@zeek.org
 
-# Build Bro and run tests in the following Linux distros (specifying "travis"
-# builds bro in Travis without using docker).
+# Build Zeek and run tests in the following Linux distros (specifying "travis"
+# builds Zeek in Travis without using docker).
 env:
   - distro: centos_7
   - distro: debian_9

CMakeLists.txt

@@ -1,4 +1,4 @@
-project(Bro C CXX)
+project(Zeek C CXX)
 
 # When changing the minimum version here, also adapt
 # aux/zeek-aux/plugin-support/skeleton/CMakeLists.txt
@@ -21,23 +21,23 @@ if ( ENABLE_CCACHE )
     set(CMAKE_CXX_COMPILER_LAUNCHER ${CCACHE_PROGRAM})
 endif ()
 
-set(BRO_ROOT_DIR ${CMAKE_INSTALL_PREFIX})
-if (NOT BRO_SCRIPT_INSTALL_PATH)
+set(ZEEK_ROOT_DIR ${CMAKE_INSTALL_PREFIX})
+if (NOT ZEEK_SCRIPT_INSTALL_PATH)
     # set the default Zeek script installation path (user did not specify one)
-    set(BRO_SCRIPT_INSTALL_PATH ${BRO_ROOT_DIR}/share/bro)
+    set(ZEEK_SCRIPT_INSTALL_PATH ${ZEEK_ROOT_DIR}/share/bro)
 endif ()
 
-if (NOT BRO_MAN_INSTALL_PATH)
+if (NOT ZEEK_MAN_INSTALL_PATH)
     # set the default Zeek man page installation path (user did not specify one)
-    set(BRO_MAN_INSTALL_PATH ${BRO_ROOT_DIR}/share/man)
+    set(ZEEK_MAN_INSTALL_PATH ${ZEEK_ROOT_DIR}/share/man)
 endif ()
 
 # sanitize the Zeek script install directory into an absolute path
 # (CMake is confused by ~ as a representation of home directory)
-get_filename_component(BRO_SCRIPT_INSTALL_PATH ${BRO_SCRIPT_INSTALL_PATH}
+get_filename_component(ZEEK_SCRIPT_INSTALL_PATH ${ZEEK_SCRIPT_INSTALL_PATH}
     ABSOLUTE)
 
-set(BRO_PLUGIN_INSTALL_PATH ${BRO_ROOT_DIR}/lib/bro/plugins CACHE STRING "Installation path for plugins" FORCE)
+set(BRO_PLUGIN_INSTALL_PATH ${ZEEK_ROOT_DIR}/lib/bro/plugins CACHE STRING "Installation path for plugins" FORCE)
 
 configure_file(zeek-path-dev.in ${CMAKE_CURRENT_BINARY_DIR}/zeek-path-dev)
 
@@ -211,7 +211,7 @@ if ( ${CMAKE_SYSTEM_NAME} MATCHES Linux AND EXISTS /etc/os-release )
     endif ()
 endif ()
 
-set(brodeps
+set(zeekdeps
     ${BinPAC_LIBRARY}
     ${PCAP_LIBRARY}
     ${OPENSSL_LIBRARIES}
@@ -241,16 +241,16 @@ include(GetArchitecture)
 include(RequireCXX11)
 
 if ( (OPENSSL_VERSION VERSION_EQUAL "1.1.0") OR (OPENSSL_VERSION VERSION_GREATER "1.1.0") )
-  set(BRO_HAVE_OPENSSL_1_1 true CACHE INTERNAL "" FORCE)
+  set(ZEEK_HAVE_OPENSSL_1_1 true CACHE INTERNAL "" FORCE)
 endif()
 
 # Tell the plugin code that we're building as part of the main tree.
-set(BRO_PLUGIN_INTERNAL_BUILD true CACHE INTERNAL "" FORCE)
+set(ZEEK_PLUGIN_INTERNAL_BUILD true CACHE INTERNAL "" FORCE)
 
-set(DEFAULT_BROPATH .:${BRO_SCRIPT_INSTALL_PATH}:${BRO_SCRIPT_INSTALL_PATH}/policy:${BRO_SCRIPT_INSTALL_PATH}/site)
+set(DEFAULT_ZEEKPATH .:${ZEEK_SCRIPT_INSTALL_PATH}:${ZEEK_SCRIPT_INSTALL_PATH}/policy:${ZEEK_SCRIPT_INSTALL_PATH}/site)
 
 if ( NOT BINARY_PACKAGING_MODE )
-    set(BRO_DIST ${CMAKE_SOURCE_DIR})
+    set(ZEEK_DIST ${CMAKE_SOURCE_DIR})
 endif ()
 
 string(TOLOWER ${CMAKE_BUILD_TYPE} CMAKE_BUILD_TYPE_LOWER)
@@ -262,19 +262,19 @@ install(FILES ${CMAKE_CURRENT_BINARY_DIR}/zeek-config.h DESTINATION include/bro)
 if ( CAF_ROOT_DIR )
   set(ZEEK_CONFIG_CAF_ROOT_DIR ${CAF_ROOT_DIR})
 else ()
-  set(ZEEK_CONFIG_CAF_ROOT_DIR ${BRO_ROOT_DIR})
+  set(ZEEK_CONFIG_CAF_ROOT_DIR ${ZEEK_ROOT_DIR})
 endif ()
 
 if ( BinPAC_ROOT_DIR )
   set(ZEEK_CONFIG_BINPAC_ROOT_DIR ${BinPAC_ROOT_DIR})
 else ()
-  set(ZEEK_CONFIG_BINPAC_ROOT_DIR ${BRO_ROOT_DIR})
+  set(ZEEK_CONFIG_BINPAC_ROOT_DIR ${ZEEK_ROOT_DIR})
 endif ()
 
 if ( BROKER_ROOT_DIR )
   set(ZEEK_CONFIG_BROKER_ROOT_DIR ${BROKER_ROOT_DIR})
 else ()
-  set(ZEEK_CONFIG_BROKER_ROOT_DIR ${BRO_ROOT_DIR})
+  set(ZEEK_CONFIG_BROKER_ROOT_DIR ${ZEEK_ROOT_DIR})
 endif ()
 
 configure_file(${CMAKE_CURRENT_SOURCE_DIR}/zeek-config.in
@@ -298,7 +298,7 @@ if ( BROKER_ROOT_DIR )
   find_package(Broker REQUIRED)
   find_package(CAF COMPONENTS core io openssl REQUIRED)
 
-  set(brodeps ${brodeps} ${BROKER_LIBRARY} ${CAF_LIBRARIES})
+  set(zeekdeps ${zeekdeps} ${BROKER_LIBRARY} ${CAF_LIBRARIES})
   include_directories(BEFORE ${BROKER_INCLUDE_DIR})
 else ()
   set(ENABLE_STATIC_ONLY_SAVED ${ENABLE_STATIC_ONLY})
@@ -311,9 +311,9 @@ else ()
   set(ENABLE_STATIC_ONLY ${ENABLE_STATIC_ONLY_SAVED})
 
   if ( BUILD_STATIC_BROKER )
-    set(brodeps ${brodeps} broker_static)
+    set(zeekdeps ${zeekdeps} broker_static)
   else()
-    set(brodeps ${brodeps} broker)
+    set(zeekdeps ${zeekdeps} broker)
   endif()
   include_directories(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}/aux/broker
                              ${CMAKE_CURRENT_BINARY_DIR}/aux/broker)
@@ -363,7 +363,7 @@ message(
     "\nBuild type:        ${CMAKE_BUILD_TYPE}"
     "\nBuild dir:         ${CMAKE_BINARY_DIR}"
     "\nInstall prefix:    ${CMAKE_INSTALL_PREFIX}"
-    "\nZeek Script Path:  ${BRO_SCRIPT_INSTALL_PATH}"
+    "\nZeek Script Path:  ${ZEEK_SCRIPT_INSTALL_PATH}"
     "\nDebug mode:        ${ENABLE_DEBUG}"
     "\n"
     "\nCC:                ${CMAKE_C_COMPILER}"

bro-path-dev.in

@@ -0,0 +1 @@
+zeek-path-dev.in

configure

@@ -130,10 +130,10 @@ builddir=build
 prefix=/usr/local/bro
 CMakeCacheEntries=""
 append_cache_entry CMAKE_INSTALL_PREFIX PATH   $prefix
-append_cache_entry BRO_ROOT_DIR         PATH   $prefix
+append_cache_entry ZEEK_ROOT_DIR        PATH   $prefix
 append_cache_entry PY_MOD_INSTALL_DIR   PATH   $prefix/lib/zeekctl
-append_cache_entry BRO_SCRIPT_INSTALL_PATH STRING $prefix/share/bro
-append_cache_entry BRO_ETC_INSTALL_DIR  PATH   $prefix/etc
+append_cache_entry ZEEK_SCRIPT_INSTALL_PATH STRING $prefix/share/bro
+append_cache_entry ZEEK_ETC_INSTALL_DIR PATH   $prefix/etc
 append_cache_entry ENABLE_DEBUG         BOOL   false
 append_cache_entry ENABLE_PERFTOOLS     BOOL   false
 append_cache_entry ENABLE_PERFTOOLS_DEBUG BOOL false
@@ -179,25 +179,25 @@ while [ $# -ne 0 ]; do
         --prefix=*)
             prefix=$optarg
             append_cache_entry CMAKE_INSTALL_PREFIX PATH   $optarg
-            append_cache_entry BRO_ROOT_DIR         PATH   $optarg
+            append_cache_entry ZEEK_ROOT_DIR        PATH   $optarg
             append_cache_entry PY_MOD_INSTALL_DIR   PATH   $optarg/lib/zeekctl
             ;;
         --scriptdir=*)
-            append_cache_entry BRO_SCRIPT_INSTALL_PATH STRING $optarg
+            append_cache_entry ZEEK_SCRIPT_INSTALL_PATH STRING $optarg
             user_set_scriptdir="true"
             ;;
         --conf-files-dir=*)
-            append_cache_entry BRO_ETC_INSTALL_DIR PATH $optarg
+            append_cache_entry ZEEK_ETC_INSTALL_DIR PATH   $optarg
             user_set_conffilesdir="true"
             ;;
         --localstatedir=*)
-            append_cache_entry BRO_LOCAL_STATE_DIR  PATH   $optarg
+            append_cache_entry ZEEK_LOCAL_STATE_DIR PATH   $optarg
             ;;
         --spooldir=*)
-            append_cache_entry BRO_SPOOL_DIR  PATH   $optarg
+            append_cache_entry ZEEK_SPOOL_DIR       PATH   $optarg
             ;;
         --logdir=*)
-            append_cache_entry BRO_LOG_DIR  PATH   $optarg
+            append_cache_entry ZEEK_LOG_DIR         PATH   $optarg
             ;;
         --enable-coverage)
             append_cache_entry ENABLE_COVERAGE         BOOL   true
@@ -321,11 +321,11 @@ while [ $# -ne 0 ]; do
 done
 
 if [ "$user_set_scriptdir" != "true" ]; then
-    append_cache_entry BRO_SCRIPT_INSTALL_PATH STRING $prefix/share/bro
+    append_cache_entry ZEEK_SCRIPT_INSTALL_PATH STRING $prefix/share/bro
 fi
 
 if [ "$user_set_conffilesdir" != "true" ]; then
-    append_cache_entry BRO_ETC_INSTALL_DIR PATH $prefix/etc
+    append_cache_entry ZEEK_ETC_INSTALL_DIR PATH $prefix/etc
 fi
 
 if [ -d $builddir ]; then

man/CMakeLists.txt

@@ -1,5 +1,5 @@
 
-install(DIRECTORY . DESTINATION ${BRO_MAN_INSTALL_PATH}/man8 FILES_MATCHING
+install(DIRECTORY . DESTINATION ${ZEEK_MAN_INSTALL_PATH}/man8 FILES_MATCHING
         PATTERN "*.8"
 )
 

man/zeek.8

@@ -1,8 +1,8 @@
-.TH BRO "8" "November 2014" "bro" "System Administration Utilities"
+.TH ZEEK "8" "November 2014" "zeek" "System Administration Utilities"
 .SH NAME
-bro \- passive network traffic analyzer
+zeek \- passive network traffic analyzer
 .SH SYNOPSIS
-.B bro
+.B zeek
 \/\fP [\fIoptions\fR] [\fIfile\fR ...]
 .SH DESCRIPTION
 Zeek is primarily a security monitor that inspects all traffic on a link in
@@ -30,7 +30,7 @@ don't load scripts from the base/ directory
 \fB\-d\fR,\ \-\-debug\-policy
 activate policy file debugging
 .TP
-\fB\-e\fR,\ \-\-exec <bro code>
+\fB\-e\fR,\ \-\-exec <zeek code>
 augment loaded policies by given code
 .TP
 \fB\-f\fR,\ \-\-filter <filter>
@@ -149,5 +149,5 @@ Output file for script execution statistics
 .B BRO_DISABLE_BROXYGEN
 Disable Zeekygen (Broxygen) documentation support
 .SH AUTHOR
-.B bro
+.B zeek
 was written by The Zeek Project <info@zeek.org>.

scripts/CMakeLists.txt

@@ -1,6 +1,6 @@
 include(InstallPackageConfigFile)
 
-install(DIRECTORY ./ DESTINATION ${BRO_SCRIPT_INSTALL_PATH} FILES_MATCHING
+install(DIRECTORY ./ DESTINATION ${ZEEK_SCRIPT_INSTALL_PATH} FILES_MATCHING
         PATTERN "site/local*" EXCLUDE
         PATTERN "test-all-policy.zeek" EXCLUDE
         PATTERN "*.zeek"
@@ -14,8 +14,8 @@ if ( NOT BINARY_PACKAGING_MODE )
   # because ZeekControl will now prefer to load local.zeek rather than local.bro
   # and we're about to install a default version of local.zeek.
 
-  set(_local_bro_dst ${BRO_SCRIPT_INSTALL_PATH}/site/local.bro)
-  set(_local_zeek_dst ${BRO_SCRIPT_INSTALL_PATH}/site/local.zeek)
+  set(_local_bro_dst ${ZEEK_SCRIPT_INSTALL_PATH}/site/local.bro)
+  set(_local_zeek_dst ${ZEEK_SCRIPT_INSTALL_PATH}/site/local.zeek)
 
   install(CODE "
     if ( \"\$ENV{DESTDIR}\" STREQUAL \"\" )
@@ -31,5 +31,5 @@ endif ()
 # Install local script as a config file since it's meant to be modified directly.
 InstallPackageConfigFile(
     ${CMAKE_CURRENT_SOURCE_DIR}/site/local.zeek
-    ${BRO_SCRIPT_INSTALL_PATH}/site
+    ${ZEEK_SCRIPT_INSTALL_PATH}/site
     local.zeek)

src/CMakeLists.txt

@@ -352,10 +352,10 @@ collect_headers(bro_HEADERS ${bro_SRCS})
 
 if ( bro_HAVE_OBJECT_LIBRARIES )
     add_executable(zeek ${bro_SRCS} ${bro_HEADERS} ${bro_SUBDIRS})
-    target_link_libraries(zeek ${brodeps} ${CMAKE_THREAD_LIBS_INIT} ${CMAKE_DL_LIBS})
+    target_link_libraries(zeek ${zeekdeps} ${CMAKE_THREAD_LIBS_INIT} ${CMAKE_DL_LIBS})
 else ()
     add_executable(zeek ${bro_SRCS} ${bro_HEADERS})
-    target_link_libraries(zeek ${bro_SUBDIRS} ${brodeps} ${CMAKE_THREAD_LIBS_INIT} ${CMAKE_DL_LIBS})
+    target_link_libraries(zeek ${bro_SUBDIRS} ${zeekdeps} ${CMAKE_THREAD_LIBS_INIT} ${CMAKE_DL_LIBS})
 endif ()
 
 if ( NOT "${bro_LINKER_FLAGS}" STREQUAL "" )
@@ -399,7 +399,7 @@ add_dependencies(bif_loader_plugins ${bro_SUBDIRS})
 add_dependencies(zeek bif_loader_plugins)
 
 # Install *.bif.zeek.
-install(DIRECTORY ${CMAKE_BINARY_DIR}/scripts/base/bif DESTINATION ${BRO_SCRIPT_INSTALL_PATH}/base)
+install(DIRECTORY ${CMAKE_BINARY_DIR}/scripts/base/bif DESTINATION ${ZEEK_SCRIPT_INSTALL_PATH}/base)
 
 # Create plugin directory at install time.
 install(DIRECTORY DESTINATION ${BRO_PLUGIN_INSTALL_PATH})
@@ -411,9 +411,9 @@ set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ${CMAKE_BINARY_D
 # place, yet make confuse us now. This makes upgrading easier.
 install(CODE "
    file(REMOVE_RECURSE
-       ${BRO_SCRIPT_INSTALL_PATH}/base/frameworks/logging/writers/dataseries.bro
-       ${BRO_SCRIPT_INSTALL_PATH}/base/frameworks/logging/writers/elasticsearch.bro
-       ${BRO_SCRIPT_INSTALL_PATH}/policy/tuning/logs-to-elasticsearch.bro
+       ${ZEEK_SCRIPT_INSTALL_PATH}/base/frameworks/logging/writers/dataseries.bro
+       ${ZEEK_SCRIPT_INSTALL_PATH}/base/frameworks/logging/writers/elasticsearch.bro
+       ${ZEEK_SCRIPT_INSTALL_PATH}/policy/tuning/logs-to-elasticsearch.bro
    )
 ")
 

src/analyzer/CMakeLists.txt

@@ -1,5 +1,5 @@
 
-include(BroSubdir)
+include(ZeekSubdir)
 
 include_directories(BEFORE
                     ${CMAKE_CURRENT_SOURCE_DIR}

src/bro.bif

@@ -3523,7 +3523,7 @@ function lookup_addr%(host: addr%) : string
 
 ## Issues an asynchronous TEXT DNS lookup and delays the function result.
 ## This function can therefore only be called inside a ``when`` condition,
-## e.g., ``when ( local h = lookup_hostname_txt("www.bro.org") ) { f(h); }``.
+## e.g., ``when ( local h = lookup_hostname_txt("www.zeek.org") ) { f(h); }``.
 ##
 ## host: The hostname to lookup.
 ##
@@ -3552,7 +3552,7 @@ function lookup_hostname_txt%(host: string%) : string
 
 ## Issues an asynchronous DNS lookup and delays the function result.
 ## This function can therefore only be called inside a ``when`` condition,
-## e.g., ``when ( local h = lookup_hostname("www.bro.org") ) { f(h); }``.
+## e.g., ``when ( local h = lookup_hostname("www.zeek.org") ) { f(h); }``.
 ##
 ## host: The hostname to lookup.
 ##

src/broker/CMakeLists.txt

@@ -1,4 +1,4 @@
-include(BroSubdir)
+include(ZeekSubdir)
 
 include_directories(BEFORE
                     ${CMAKE_CURRENT_SOURCE_DIR}

src/file_analysis/CMakeLists.txt

@@ -1,4 +1,4 @@
-include(BroSubdir)
+include(ZeekSubdir)
 
 include_directories(BEFORE
                     ${CMAKE_CURRENT_SOURCE_DIR}

src/input/CMakeLists.txt

@@ -1,5 +1,5 @@
 
-include(BroSubdir)
+include(ZeekSubdir)
 
 include_directories(BEFORE
                     ${CMAKE_CURRENT_SOURCE_DIR}

src/iosource/CMakeLists.txt

@@ -1,5 +1,5 @@
 
-include(BroSubdir)
+include(ZeekSubdir)
 
 include_directories(BEFORE
                     ${CMAKE_CURRENT_SOURCE_DIR}

src/logging/CMakeLists.txt

@@ -1,5 +1,5 @@
 
-include(BroSubdir)
+include(ZeekSubdir)
 
 include_directories(BEFORE
                     ${CMAKE_CURRENT_SOURCE_DIR}

src/main.cc

@@ -161,7 +161,7 @@ void usage(int code = 1)
 	fprintf(stderr, "    -a|--parse-only                | exit immediately after parsing scripts\n");
 	fprintf(stderr, "    -b|--bare-mode                 | don't load scripts from the base/ directory\n");
 	fprintf(stderr, "    -d|--debug-policy              | activate policy file debugging\n");
-	fprintf(stderr, "    -e|--exec <bro code>           | augment loaded policies by given code\n");
+	fprintf(stderr, "    -e|--exec <zeek code>          | augment loaded policies by given code\n");
 	fprintf(stderr, "    -f|--filter <filter>           | tcpdump filter\n");
 	fprintf(stderr, "    -h|--help                      | command line help\n");
 	fprintf(stderr, "    -i|--iface <interface>         | read from given interface\n");

src/probabilistic/CMakeLists.txt

@@ -1,5 +1,5 @@
 
-include(BroSubdir)
+include(ZeekSubdir)
 
 include_directories(BEFORE
                     ${CMAKE_CURRENT_SOURCE_DIR}

src/util-config.h.in

@@ -1,3 +1,3 @@
-#define BRO_SCRIPT_INSTALL_PATH "@BRO_SCRIPT_INSTALL_PATH@"
+#define ZEEK_SCRIPT_INSTALL_PATH "@ZEEK_SCRIPT_INSTALL_PATH@"
 #define BRO_PLUGIN_INSTALL_PATH "@BRO_PLUGIN_INSTALL_PATH@"
-#define DEFAULT_BROPATH "@DEFAULT_BROPATH@"
+#define DEFAULT_ZEEKPATH "@DEFAULT_ZEEKPATH@"

src/util.cc

@@ -961,7 +961,7 @@ const std::string& bro_path()
 		const char* path = getenv("BROPATH");
 
 		if ( ! path )
-			path = DEFAULT_BROPATH;
+			path = DEFAULT_ZEEKPATH;
 
 		bro_path_value = path;
 		}

src/zeekygen/CMakeLists.txt

@@ -1,6 +1,6 @@
 # See the file "COPYING" in the main distribution directory for copyright.
 
-include(BroSubdir)
+include(ZeekSubdir)
 
 include_directories(BEFORE
                     ${CMAKE_CURRENT_SOURCE_DIR}

testing/btest/Baseline/plugins.legacy/output

@@ -0,0 +1,6 @@
+Demo::Foo - A Foo test analyzer (dynamic, version 1.0.0)
+    [Analyzer] Foo (ANALYZER_FOO, enabled)
+    [Event] foo_message
+
+===
+foo_message, [orig_h=::1, orig_p=37927/tcp, resp_h=::1, resp_p=4242/tcp], Hello, Foo!\x0a

testing/btest/bifs/x509_verify.zeek

@@ -8,7 +8,7 @@
 # @TEST-EXEC: cp .stdout stdout-openssl-1.0
 # @TEST-EXEC: cp .stdout stdout-openssl-1.1
 
-# @TEST-EXEC: grep -q "BRO_HAVE_OPENSSL_1_1" $BUILD/CMakeCache.txt && btest-diff stdout-openssl-1.1 || btest-diff stdout-openssl-1.0
+# @TEST-EXEC: grep -q "ZEEK_HAVE_OPENSSL_1_1" $BUILD/CMakeCache.txt && btest-diff stdout-openssl-1.1 || btest-diff stdout-openssl-1.0
 
 redef SSL::root_certs += {
 	["OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US"] = "\x30\x82\x02\x3C\x30\x82\x01\xA5\x02\x10\x70\xBA\xE4\x1D\x10\xD9\x29\x34\xB6\x38\xCA\x7B\x03\xCC\xBA\xBF\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x02\x05\x00\x30\x5F\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31\x17\x30\x15\x06\x03\x55\x04\x0A\x13\x0E\x56\x65\x72\x69\x53\x69\x67\x6E\x2C\x20\x49\x6E\x63\x2E\x31\x37\x30\x35\x06\x03\x55\x04\x0B\x13\x2E\x43\x6C\x61\x73\x73\x20\x33\x20\x50\x75\x62\x6C\x69\x63\x20\x50\x72\x69\x6D\x61\x72\x79\x20\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6F\x6E\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x30\x1E\x17\x0D\x39\x36\x30\x31\x32\x39\x30\x30\x30\x30\x30\x30\x5A\x17\x0D\x32\x38\x30\x38\x30\x31\x32\x33\x35\x39\x35\x39\x5A\x30\x5F\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31\x17\x30\x15\x06\x03\x55\x04\x0A\x13\x0E\x56\x65\x72\x69\x53\x69\x67\x6E\x2C\x20\x49\x6E\x63\x2E\x31\x37\x30\x35\x06\x03\x55\x04\x0B\x13\x2E\x43\x6C\x61\x73\x73\x20\x33\x20\x50\x75\x62\x6C\x69\x63\x20\x50\x72\x69\x6D\x61\x72\x79\x20\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6F\x6E\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x30\x81\x9F\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x81\x8D\x00\x30\x81\x89\x02\x81\x81\x00\xC9\x5C\x59\x9E\xF2\x1B\x8A\x01\x14\xB4\x10\xDF\x04\x40\xDB\xE3\x57\xAF\x6A\x45\x40\x8F\x84\x0C\x0B\xD1\x33\xD9\xD9\x11\xCF\xEE\x02\x58\x1F\x25\xF7\x2A\xA8\x44\x05\xAA\xEC\x03\x1F\x78\x7F\x9E\x93\xB9\x9A\x00\xAA\x23\x7D\xD6\xAC\x85\xA2\x63\x45\xC7\x72\x27\xCC\xF4\x4C\xC6\x75\x71\xD2\x39\xEF\x4F\x42\xF0\x75\xDF\x0A\x90\xC6\x8E\x20\x6F\x98\x0F\xF8\xAC\x23\x5F\x70\x29\x36\xA4\xC9\x86\xE7\xB1\x9A\x20\xCB\x53\xA5\x85\xE7\x3D\xBE\x7D\x9A\xFE\x24\x45\x33\xDC\x76\x15\xED\x0F\xA2\x71\x64\x4C\x65\x2E\x81\x68\x45\xA7\x02\x03\x01\x00\x01\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x02\x05\x00\x03\x81\x81\x00\xBB\x4C\x12\x2B\xCF\x2C\x26\x00\x4F\x14\x13\xDD\xA6\xFB\xFC\x0A\x11\x84\x8C\xF3\x28\x1C\x67\x92\x2F\x7C\xB6\xC5\xFA\xDF\xF0\xE8\x95\xBC\x1D\x8F\x6C\x2C\xA8\x51\xCC\x73\xD8\xA4\xC0\x53\xF0\x4E\xD6\x26\xC0\x76\x01\x57\x81\x92\x5E\x21\xF1\xD1\xB1\xFF\xE7\xD0\x21\x58\xCD\x69\x17\xE3\x44\x1C\x9C\x19\x44\x39\x89\x5C\xDC\x9C\x00\x0F\x56\x8D\x02\x99\xED\xA2\x90\x45\x4C\xE4\xBB\x10\xA4\x3D\xF0\x32\x03\x0E\xF1\xCE\xF8\xE8\xC9\x51\x8C\xE6\x62\x9F\xE6\x9F\xC0\x7D\xB7\x72\x9C\xC9\x36\x3A\x6B\x9F\x4E\xA8\xFF\x64\x0D\x64"

testing/btest/plugins/file-plugin/CMakeLists.txt

@@ -1,5 +1,5 @@
 
-project(Bro-Plugin-Demo-Foo)
+project(Zeek-Plugin-Demo-Foo)
 
 cmake_minimum_required(VERSION 2.6.3)
 
@@ -9,10 +9,10 @@ endif ()
 
 set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake)
 
-include(BroPlugin)
+include(ZeekPlugin)
 
-bro_plugin_begin(Demo Foo)
-bro_plugin_cc(src/Plugin.cc)
-bro_plugin_cc(src/Foo.cc)
-bro_plugin_bif(src/events.bif)
-bro_plugin_end()
+zeek_plugin_begin(Demo Foo)
+zeek_plugin_cc(src/Plugin.cc)
+zeek_plugin_cc(src/Foo.cc)
+zeek_plugin_bif(src/events.bif)
+zeek_plugin_end()

testing/btest/plugins/legacy-plugin/CMakeLists.txt

@@ -0,0 +1,19 @@
+
+project(Zeek-Plugin-Demo-Foo)
+
+cmake_minimum_required(VERSION 2.6.3)
+
+if ( NOT BRO_DIST )
+    message(FATAL_ERROR "BRO_DIST not set")
+endif ()
+
+set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake)
+
+include(BroPlugin)
+
+bro_plugin_begin(Demo Foo)
+bro_plugin_cc(src/Plugin.cc)
+bro_plugin_cc(src/Foo.cc)
+bro_plugin_bif(src/events.bif)
+bro_plugin_pac(src/foo.pac src/foo-protocol.pac src/foo-analyzer.pac)
+bro_plugin_end()

testing/btest/plugins/legacy-plugin/scripts/Demo/Foo/base/main.zeek

@@ -0,0 +1,7 @@
+
+const ports = { 4242/tcp };
+
+event zeek_init() &priority=5
+	{
+	Analyzer::register_for_ports(Analyzer::ANALYZER_FOO, ports);
+	}

testing/btest/plugins/legacy-plugin/scripts/__load__.zeek

@@ -0,0 +1 @@
+@load Demo/Foo/base/main

testing/btest/plugins/legacy-plugin/src/Foo.cc

@@ -0,0 +1,59 @@
+
+#include "Foo.h"
+#include "foo_pac.h"
+#include "events.bif.h"
+
+#include <analyzer/protocol/tcp/TCP_Reassembler.h>
+
+using namespace plugin::Demo_Foo;
+
+Foo::Foo(Connection* conn)
+    : analyzer::tcp::TCP_ApplicationAnalyzer("Foo", conn)
+	{
+	interp = new binpac::Foo::Foo_Conn(this);
+	}
+
+Foo::~Foo()
+	{
+	delete interp;
+	}
+
+void Foo::Done()
+	{
+	analyzer::tcp::TCP_ApplicationAnalyzer::Done();
+
+	interp->FlowEOF(true);
+	interp->FlowEOF(false);
+	}
+
+void Foo::EndpointEOF(bool is_orig)
+	{
+	analyzer::tcp::TCP_ApplicationAnalyzer::EndpointEOF(is_orig);
+	interp->FlowEOF(is_orig);
+	}
+
+void Foo::DeliverStream(int len, const u_char* data, bool orig)
+	{
+	analyzer::tcp::TCP_ApplicationAnalyzer::DeliverStream(len, data, orig);
+
+	assert(TCP());
+
+	if ( TCP()->IsPartial() )
+		// punt on partial.
+		return;
+
+	try
+		{
+		interp->NewData(orig, data, data + len);
+		}
+	catch ( const binpac::Exception& e )
+		{
+		ProtocolViolation(fmt("Binpac exception: %s", e.c_msg()));
+		}
+	}
+
+void Foo::Undelivered(uint64 seq, int len, bool orig)
+	{
+	analyzer::tcp::TCP_ApplicationAnalyzer::Undelivered(seq, len, orig);
+	interp->NewGap(orig, len);
+	}

testing/btest/plugins/legacy-plugin/src/Foo.h

@@ -0,0 +1,32 @@
+
+#ifndef BRO_PLUGIN_DEMO_FOO_H
+#define BRO_PLUGIN_DEMO_FOO_H
+
+#include "analyzer/protocol/tcp/TCP.h"
+#include "analyzer/protocol/pia/PIA.h"
+
+namespace binpac  { namespace Foo { class Foo_Conn; } }
+
+namespace plugin {
+namespace Demo_Foo {
+
+class Foo : public analyzer::tcp::TCP_ApplicationAnalyzer {
+public:
+	Foo(Connection* conn);
+	~Foo();
+
+	virtual void Done();
+	virtual void DeliverStream(int len, const u_char* data, bool orig);
+	virtual void Undelivered(uint64 seq, int len, bool orig);
+	virtual void EndpointEOF(bool is_orig);
+
+	static analyzer::Analyzer* Instantiate(Connection* conn)
+		{ return new Foo(conn); }
+
+protected:
+	binpac::Foo::Foo_Conn* interp;
+};
+
+} }
+
+#endif

testing/btest/plugins/legacy-plugin/src/Plugin.cc

@@ -0,0 +1,21 @@
+
+#include "Plugin.h"
+
+#include "Foo.h"
+
+namespace plugin { namespace Demo_Foo { Plugin plugin; } }
+
+using namespace plugin::Demo_Foo;
+
+plugin::Configuration Plugin::Configure()
+	{
+	AddComponent(new ::analyzer::Component("Foo", plugin::Demo_Foo::Foo::Instantiate));
+
+	plugin::Configuration config;
+	config.name = "Demo::Foo";
+	config.description = "A Foo test analyzer";
+	config.version.major = 1;
+	config.version.minor = 0;
+	config.version.patch = 0;
+	return config;
+	}

testing/btest/plugins/legacy-plugin/src/events.bif

@@ -0,0 +1,2 @@
+
+event foo_message%(c: connection, data: string%);

testing/btest/plugins/legacy-plugin/src/foo-analyzer.pac

@@ -0,0 +1,15 @@
+
+refine connection Foo_Conn += {
+
+	function Foo_data(msg: Foo_Message): bool
+		%{
+		StringVal* data = new StringVal(${msg.data}.length(), (const char*) ${msg.data}.data());
+		BifEvent::generate_foo_message(bro_analyzer(), bro_analyzer()->Conn(), data);
+		return true;
+		%}
+
+};
+
+refine typeattr Foo_Message += &let {
+	proc: bool = $context.connection.Foo_data(this);
+};

testing/btest/plugins/legacy-plugin/src/foo-protocol.pac

@@ -0,0 +1,4 @@
+
+type Foo_Message(is_orig: bool) = record {
+	data: bytestring &restofdata;
+};

testing/btest/plugins/legacy-plugin/src/foo.pac

@@ -0,0 +1,26 @@
+%include binpac.pac
+%include bro.pac
+
+%extern{
+#include "Foo.h"
+
+#include "events.bif.h"
+%}
+
+analyzer Foo withcontext {
+    connection: Foo_Conn;
+    flow:       Foo_Flow;
+};
+
+connection Foo_Conn(bro_analyzer: BroAnalyzer) {
+    upflow   = Foo_Flow(true);
+    downflow = Foo_Flow(false);
+};
+
+%include foo-protocol.pac
+
+flow Foo_Flow(is_orig: bool) {
+	datagram = Foo_Message(is_orig) withcontext(connection, this);
+};
+
+%include foo-analyzer.pac

testing/btest/plugins/legacy.zeek

@@ -0,0 +1,14 @@
+# Test that legacy Bro plugins still work.
+# @TEST-EXEC: ${DIST}/aux/zeek-aux/plugin-support/init-plugin -u . Demo Foo
+# @TEST-EXEC: cp -r %DIR/legacy-plugin/* .
+# @TEST-EXEC: ./configure --bro-dist=${DIST} && make
+# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` zeek -NN Demo::Foo >>output
+# @TEST-EXEC: echo === >>output
+# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` zeek -r $TRACES/port4242.trace %INPUT >>output
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff output
+
+event foo_message(c: connection, data: string)
+	{
+	print "foo_message", c$id, data;
+	}
+

testing/btest/plugins/pktdumper-plugin/CMakeLists.txt

@@ -1,17 +1,17 @@
 
-project(Bro-Plugin-Demo-Foo)
+project(Zeek-Plugin-Demo-Foo)
 
 cmake_minimum_required(VERSION 2.6.3)
 
-if ( NOT BRO_DIST )
-    message(FATAL_ERROR "BRO_DIST not set")
+if ( NOT ZEEK_DIST )
+    message(FATAL_ERROR "ZEEK_DIST not set")
 endif ()
 
-set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake)
+set(CMAKE_MODULE_PATH ${ZEEK_DIST}/cmake)
 
-include(BroPlugin)
+include(ZeekPlugin)
 
-bro_plugin_begin(Demo Foo)
-bro_plugin_cc(src/Plugin.cc)
-bro_plugin_cc(src/Foo.cc)
-bro_plugin_end()
+zeek_plugin_begin(Demo Foo)
+zeek_plugin_cc(src/Plugin.cc)
+zeek_plugin_cc(src/Foo.cc)
+zeek_plugin_end()

testing/btest/plugins/pktsrc-plugin/CMakeLists.txt

@@ -1,17 +1,17 @@
 
-project(Bro-Plugin-Demo-Foo)
+project(Zeek-Plugin-Demo-Foo)
 
 cmake_minimum_required(VERSION 2.6.3)
 
-if ( NOT BRO_DIST )
-    message(FATAL_ERROR "BRO_DIST not set")
+if ( NOT ZEEK_DIST )
+    message(FATAL_ERROR "ZEEK_DIST not set")
 endif ()
 
-set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake)
+set(CMAKE_MODULE_PATH ${ZEEK_DIST}/cmake)
 
-include(BroPlugin)
+include(ZeekPlugin)
 
-bro_plugin_begin(Demo Foo)
-bro_plugin_cc(src/Plugin.cc)
-bro_plugin_cc(src/Foo.cc)
-bro_plugin_end()
+zeek_plugin_begin(Demo Foo)
+zeek_plugin_cc(src/Plugin.cc)
+zeek_plugin_cc(src/Foo.cc)
+zeek_plugin_end()

testing/btest/plugins/protocol-plugin/CMakeLists.txt

@@ -1,19 +1,19 @@
 
-project(Bro-Plugin-Demo-Foo)
+project(Zeek-Plugin-Demo-Foo)
 
 cmake_minimum_required(VERSION 2.6.3)
 
-if ( NOT BRO_DIST )
-    message(FATAL_ERROR "BRO_DIST not set")
+if ( NOT ZEEK_DIST )
+    message(FATAL_ERROR "ZEEK_DIST not set")
 endif ()
 
-set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake)
+set(CMAKE_MODULE_PATH ${ZEEK_DIST}/cmake)
 
-include(BroPlugin)
+include(ZeekPlugin)
 
-bro_plugin_begin(Demo Foo)
-bro_plugin_cc(src/Plugin.cc)
-bro_plugin_cc(src/Foo.cc)
-bro_plugin_bif(src/events.bif)
-bro_plugin_pac(src/foo.pac src/foo-protocol.pac src/foo-analyzer.pac)
-bro_plugin_end()
+zeek_plugin_begin(Demo Foo)
+zeek_plugin_cc(src/Plugin.cc)
+zeek_plugin_cc(src/Foo.cc)
+zeek_plugin_bif(src/events.bif)
+zeek_plugin_pac(src/foo.pac src/foo-protocol.pac src/foo-analyzer.pac)
+zeek_plugin_end()

testing/btest/plugins/reader-plugin/CMakeLists.txt

@@ -1,17 +1,17 @@
 
-project(Bro-Plugin-Demo-Foo)
+project(Zeek-Plugin-Demo-Foo)
 
 cmake_minimum_required(VERSION 2.6.3)
 
-if ( NOT BRO_DIST )
-    message(FATAL_ERROR "BRO_DIST not set")
+if ( NOT ZEEK_DIST )
+    message(FATAL_ERROR "ZEEK_DIST not set")
 endif ()
 
-set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake)
+set(CMAKE_MODULE_PATH ${ZEEK_DIST}/cmake)
 
-include(BroPlugin)
+include(ZeekPlugin)
 
-bro_plugin_begin(Demo Foo)
-bro_plugin_cc(src/Plugin.cc)
-bro_plugin_cc(src/Foo.cc)
-bro_plugin_end()
+zeek_plugin_begin(Demo Foo)
+zeek_plugin_cc(src/Plugin.cc)
+zeek_plugin_cc(src/Foo.cc)
+zeek_plugin_end()

testing/btest/plugins/writer-plugin/CMakeLists.txt

@@ -1,17 +1,17 @@
 
-project(Bro-Plugin-Demo-Foo)
+project(Zeek-Plugin-Demo-Foo)
 
 cmake_minimum_required(VERSION 2.6.3)
 
-if ( NOT BRO_DIST )
-    message(FATAL_ERROR "BRO_DIST not set")
+if ( NOT ZEEK_DIST )
+    message(FATAL_ERROR "ZEEK_DIST not set")
 endif ()
 
-set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake)
+set(CMAKE_MODULE_PATH ${ZEEK_DIST}/cmake)
 
-include(BroPlugin)
+include(ZeekPlugin)
 
-bro_plugin_begin(Demo Foo)
-bro_plugin_cc(src/Plugin.cc)
-bro_plugin_cc(src/Foo.cc)
-bro_plugin_end()
+zeek_plugin_begin(Demo Foo)
+zeek_plugin_cc(src/Plugin.cc)
+zeek_plugin_cc(src/Foo.cc)
+zeek_plugin_end()

zeek-config.h.in

@@ -223,8 +223,8 @@
 #define DYNAMIC_PLUGIN_SUFFIX "@CMAKE_SHARED_MODULE_SUFFIX@"
 
 /* True if we're building outside of the main Zeek source code tree. */
-#ifndef BRO_PLUGIN_INTERNAL_BUILD
-#define BRO_PLUGIN_INTERNAL_BUILD @BRO_PLUGIN_INTERNAL_BUILD@
+#ifndef ZEEK_PLUGIN_INTERNAL_BUILD
+#define ZEEK_PLUGIN_INTERNAL_BUILD @ZEEK_PLUGIN_INTERNAL_BUILD@
 #endif
 
 /* A C function that has the Zeek version encoded into its name. */

zeek-config.in

@@ -3,21 +3,21 @@
 version=@VERSION@
 build_type=@CMAKE_BUILD_TYPE_LOWER@
 prefix=@CMAKE_INSTALL_PREFIX@
-script_dir=@BRO_SCRIPT_INSTALL_PATH@
-site_dir=@BRO_SCRIPT_INSTALL_PATH@/site
+script_dir=@ZEEK_SCRIPT_INSTALL_PATH@
+site_dir=@ZEEK_SCRIPT_INSTALL_PATH@/site
 plugin_dir=@BRO_PLUGIN_INSTALL_PATH@
-config_dir=@BRO_ETC_INSTALL_DIR@
+config_dir=@ZEEK_ETC_INSTALL_DIR@
 python_dir=@PY_MOD_INSTALL_DIR@
 cmake_dir=@CMAKE_INSTALL_PREFIX@/share/bro/cmake
 include_dir=@CMAKE_INSTALL_PREFIX@/include/bro
-bropath=@DEFAULT_BROPATH@
-bro_dist=@BRO_DIST@
+zeekpath=@DEFAULT_ZEEKPATH@
+zeek_dist=@ZEEK_DIST@
 binpac_root=@ZEEK_CONFIG_BINPAC_ROOT_DIR@
 caf_root=@ZEEK_CONFIG_CAF_ROOT_DIR@
 broker_root=@ZEEK_CONFIG_BROKER_ROOT_DIR@
 
 usage="\
-Usage: zeek-config [--version] [--build_type] [--prefix] [--script_dir] [--site_dir] [--plugin_dir] [--config_dir] [--python_dir] [--include_dir] [--cmake_dir] [--bropath] [--bro_dist] [--binpac_root] [--caf_root] [--broker_root]"
+Usage: zeek-config [--version] [--build_type] [--prefix] [--script_dir] [--site_dir] [--plugin_dir] [--config_dir] [--python_dir] [--include_dir] [--cmake_dir] [--zeekpath] [--zeek_dist] [--binpac_root] [--caf_root] [--broker_root]"
 
 if [ $# -eq 0 ] ; then
       echo "${usage}" 1>&2
@@ -61,11 +61,17 @@ while [ $# -ne 0 ]; do
     --include_dir)
       echo $include_dir
       ;;
-    --bropath)
-      echo $bropath
+    --bropath)   # For compatibility with legacy Bro plugins.
+      echo $zeekpath
       ;;
-    --bro_dist)
-      echo $bro_dist
+    --zeekpath)
+      echo $zeekpath
+      ;;
+    --bro_dist)  # For compatibility with legacy Bro plugins.
+      echo $zeek_dist
+      ;;
+    --zeek_dist)
+      echo $zeek_dist
       ;;
     --binpac_root)
       echo $binpac_root