* origin/topic/vladg/gh-1084:
Add btest for GH-1084
Update baselines
MySQL: Fix parsing logic bug. We were correctly NOT expecting an EOF, but because we were parsing the header and then not parsing the rest, we would get out of sync
* origin/topic/johanna/table-changes: (26 commits)
TableSync: try to make test more robust & add debug output
Increase timeouts to see if FreeBSD will be happy with this.
Try to make FreeBSD test happy with larger timeout.
TableSync: refactor common functionality into function
TableSync: don't raise &on_change, smaller fixes
TableSync: rename auto_store -> table_store
SyncTables: address feedback part 1 - naming (broker and zeek)
BrokerStore <-> Zeek Tables: cleanup and bug workaround
Zeek Table<->Brokerstore: cleanup, documentation, small fixes
BrokerStore<->Zeek table: adopt to recent Zeek API changes
BrokerStore<->Zeek Tables Fix a few small test failures.
BrokerStore<->Zeek tables: allow setting storage location & tests
BrokerStore<->Zeek tables: &backend works for in-memory stores.
BrokerStore<->Zeek table - introdude &backend attribute
BrokerStore<->Zeek tables: test for clones synchronizing to a master
BrokerStore<->Zeek tables: load persistent tables on startup.
Brokerstore<->Tables: attribute conflicts
Zeek/Brokerstore updates: expiration
Zeek/Brokerstore updates: add test that includes updates from clones
Zeek/Brokerstore updates: first working end-to-end test
...
* origin/topic/timw/deprecation-fixes-for-spicy:
Use namespaced version of Location to silence warnings
Various deprecation fixes, reported by failed Spicy builds
Add deprecated version of EnumType::GetVal() to returns EnumVal*, rename IntrusivePtr version to GetEnumVal
Merge adjustments:
- Revert unneeded changes in mmdb_dir lookups to fix build
- Fix deprecated EnumType::GetVal() to return +1 ref-count
* origin/topic/timw/deprecation-fixes-for-spicy:
Various deprecation fixes, reported by failed Spicy builds
Add deprecated version of EnumType::GetVal() to returns EnumVal*, rename IntrusivePtr version to GetEnumVal
* origin/topic/jsiwek/gh-1024-broker-store-handle-type-checks:
Improve Broker store API's handling of invalid arguments
Add builtin_exception() functions
GH-1024: fix crash on passing wrong types to Broker store API
This was a bit of a bigger merge since Zeek changed inbetween the time
of the PR and me actually merging it.
I put the new functions into the zeek::detail namespace -- since it
seems unlikely that those will be used by something external.
I also renamed them to fit better with the naming scheme of the new
error functions.
Fixes GH-1024
* origin/topic/jsiwek/deprecation-improvements:
Fix wrong frame offsets for locals of alternate event/hook prototypes
Add deprecation expression to deprecated prototype/parameter messages
Improve "use of deprecated prototype" warning message
Emit deprecation warning for use of &deprecated function parameters
* origin/topic/timw/266-namespaces-part2:
Rename BroString files to ZeekString
Update NEWS entry with note about class renames
Rename BroObj to Obj
Rename BroString to zeek::String
Move Func up to zeek namespace, rename BroFunc to ScriptFunc
Mark global val_mgr as deprecated and fix uses of it to use namespaced version
Minor cleanup items from PR review
Update binpac and bifcl submodules with review changes
Move Location to zeek::detail and BroObj to zeek
Move BroString to zeek namespace
Move Dictionary/PDict, List/PList, and Queue/PQueue to zeek namespace
Remove typedef that should have been removed in 3.1
Move Func and associated classes into zeek::detail namespace
Move Frame and Scope to zeek::detail namespace
Move all Val classes to the zeek namespaces
Use type aliases for IntrusivePtr definitions
Move deprecation macro to zeek-config.h.in to avoid having to over-include util.h
Move IntrusivePtr and utility methods to the zeek namespace
Merge adjustments:
- Added back in deprecation tag for base_type_no_ref()
- Added back the deprecated plugin::hook_name() function
* origin/topic/timw/1032-namespaced-enums:
Deprecate plugin::HookType and plugin::component::Type in a different way
Deprecate init_class and IDScope in another way.
Deprecate TypeTag and friends in a different way
Deprecate attr_tag in a different way, rename to AttrTag
Minor tweaks during merge:
- Remove/default superfluous ~Attributes()
- Added in resize() calls to accompany reserve() of associated vectors
* origin/topic/timw/1034-IndexTypes:
Revert Attributes::Attrs back to return an attr_list and mark it deprecated
GH-1034: Revert TypeList::Types() back to return a type_list* and mark it deprecated
Changes during merge
- Changed the policy script to use an event handler that behaves
for like the base script: &priority=5, msg$opcode != early-out,
no record field existence checks
- Also extended dns_query_reply event with original_query param
- Removed ExtractName overload, and just use default param
* 'dns-original-query-case' of https://github.com/rvictory/zeek:
Fixed some places where tabs became spaces
Stricter checking if we have a dns field on the connection being processed
Modified the DNS protocol analyzer to add a new parameter to the dns_request event which includes the DNS query in its original case. Added a policy script that will add the original_case to the dns.log file as well. Created new btests to test both.
Merge adjustments:
- Preserved original `base_type_no_ref` argument type as ::TypeTag
- Removed superfluous #pragma guard around deprecated TableVal ctor
- Clarify NEWS regarding MetaHook{Pre,Post} deprecations
- Simplify some `::zeek::` qualifications to just `zeek::`
- Prefixed FORWARD_DECLARE_NAMESPACED macro with ZEEK_
* origin/topic/timw/266-namespaces:
Disable some deprecation diagnostics for GCC
Rename BroType to Type
Update NEWS
Review cleanup
Move Type types to zeek namespace
Move Flare/Pipe from the bro namespace to zeek::detail
Move Attr to the zeek::detail namespace
Move Trigger into the zeek::detail namespace
Move ID to the zeek::detail namespace
Move Anon.h into zeek::detail namespace
Mark all of the aliased classes in plugin/Plugin.h deprecated, and fix all of the plugins that were using them
Move all of the base plugin classes into the zeek::plugin namespace
Expr: move all classes into zeek::detail
Stmt: move Stmt classes into zeek::detail namespace
Add utility macro for creating namespaced aliases for classes
It was creating RecordVals even if they wouldn't be used by any event
handler and that situation is common/expected for `zeek -b` mode.
Normally, there's at least the tunnel scripts with a `new_connection`
handler causing the connection RecordVals to be built.
