* origin/topic/timw/266-namespaces-part2:
Rename BroString files to ZeekString
Update NEWS entry with note about class renames
Rename BroObj to Obj
Rename BroString to zeek::String
Move Func up to zeek namespace, rename BroFunc to ScriptFunc
Mark global val_mgr as deprecated and fix uses of it to use namespaced version
Minor cleanup items from PR review
Update binpac and bifcl submodules with review changes
Move Location to zeek::detail and BroObj to zeek
Move BroString to zeek namespace
Move Dictionary/PDict, List/PList, and Queue/PQueue to zeek namespace
Remove typedef that should have been removed in 3.1
Move Func and associated classes into zeek::detail namespace
Move Frame and Scope to zeek::detail namespace
Move all Val classes to the zeek namespaces
Use type aliases for IntrusivePtr definitions
Move deprecation macro to zeek-config.h.in to avoid having to over-include util.h
Move IntrusivePtr and utility methods to the zeek namespace
Merge adjustments:
- Added back in deprecation tag for base_type_no_ref()
- Added back the deprecated plugin::hook_name() function
* origin/topic/timw/1032-namespaced-enums:
Deprecate plugin::HookType and plugin::component::Type in a different way
Deprecate init_class and IDScope in another way.
Deprecate TypeTag and friends in a different way
Deprecate attr_tag in a different way, rename to AttrTag
Minor tweaks during merge:
- Remove/default superfluous ~Attributes()
- Added in resize() calls to accompany reserve() of associated vectors
* origin/topic/timw/1034-IndexTypes:
Revert Attributes::Attrs back to return an attr_list and mark it deprecated
GH-1034: Revert TypeList::Types() back to return a type_list* and mark it deprecated
Changes during merge
- Changed the policy script to use an event handler that behaves
for like the base script: &priority=5, msg$opcode != early-out,
no record field existence checks
- Also extended dns_query_reply event with original_query param
- Removed ExtractName overload, and just use default param
* 'dns-original-query-case' of https://github.com/rvictory/zeek:
Fixed some places where tabs became spaces
Stricter checking if we have a dns field on the connection being processed
Modified the DNS protocol analyzer to add a new parameter to the dns_request event which includes the DNS query in its original case. Added a policy script that will add the original_case to the dns.log file as well. Created new btests to test both.
Merge adjustments:
- Preserved original `base_type_no_ref` argument type as ::TypeTag
- Removed superfluous #pragma guard around deprecated TableVal ctor
- Clarify NEWS regarding MetaHook{Pre,Post} deprecations
- Simplify some `::zeek::` qualifications to just `zeek::`
- Prefixed FORWARD_DECLARE_NAMESPACED macro with ZEEK_
* origin/topic/timw/266-namespaces:
Disable some deprecation diagnostics for GCC
Rename BroType to Type
Update NEWS
Review cleanup
Move Type types to zeek namespace
Move Flare/Pipe from the bro namespace to zeek::detail
Move Attr to the zeek::detail namespace
Move Trigger into the zeek::detail namespace
Move ID to the zeek::detail namespace
Move Anon.h into zeek::detail namespace
Mark all of the aliased classes in plugin/Plugin.h deprecated, and fix all of the plugins that were using them
Move all of the base plugin classes into the zeek::plugin namespace
Expr: move all classes into zeek::detail
Stmt: move Stmt classes into zeek::detail namespace
Add utility macro for creating namespaced aliases for classes
It was creating RecordVals even if they wouldn't be used by any event
handler and that situation is common/expected for `zeek -b` mode.
Normally, there's at least the tunnel scripts with a `new_connection`
handler causing the connection RecordVals to be built.
New concurrency limits are 16 Linux CPUs per user rather than 8 Linux
Tasks per user (at a max of 8 CPUs per Task, they essentially allowed 64
CPUs per user before the change in policy).
- Minor tweaks to some odd includes during merge
* origin/topic/timw/reduce-func-inclusion:
Remove Analyzer.h from bro-bif.h
Remove IPAddr.h from Reporter.h
Remove the inclusion of Func.h from NetVar.h, which reduces the inclusion of Func.h overall.
* origin/topic/jsiwek/gh-893-intrusive-ptr-migration: (151 commits)
Integrate review feedback
Switch Broker Val converter visitor to return IntrusivePtr
Change BroFunc ctor to take const-ref IntrusivePtr<ID>
Add version of Frame::SetElement() taking IntrusivePtr<ID>
Change Scope/Func inits from id_list* to vector<IntrusivePtr<ID>>
Change Scope::GenerateTemporary() to return IntrusivePtr
Deprecate Scope::ReturnType(), replace with GetReturnType()
Deprecate Scope::ScopeID(), replace with GetID()
Switch parsing to use vector<IntrusivePtr<Attr>> from attr_list
Deprecate TableVal::FindAttr(), replace with GetAttr()
Deprecate TypeDecl::FindAttr(), replace with GetAttr()
Deprecate ID::FindAttr(), replace with GetAttr()
Deprecate Attributes::FindAttr(), replace with Find()
Deprecate Attributes::AddAttrs(Attributes*)
Add Attributes ctor that takes IntrusivePtrs
Change Attributes to store std:vector<IntrusivePtr<Attr>>
Change Attr::SetAttrExpr() to non-template
Deprecate Attr::AttrExpr(), replace with GetExpr()
Deprecate ID::Attrs(), replace with GetAttrs()
Remove weak_ref param from ID::SetVal()
...
- Updated the logic significantly: still filters out ICMP from being
considered an active service (like before) and adds a new
"Known::service_udp_requires_response" option (defaults to true) for
whether to require UDP server response before being considered an
active service.
* 'topic/dopheide/known-services' of https://github.com/dopheide-esnet/zeek:
Log services with unknown protocols
* origin/topic/johanna/threading-allow-SendEvent-from-stuff-that-is-not-an-input-reader-because-it-turns-out-that-it-is-actually-kind-of-convenient-to-call-this-from-other-things-like-for-example-from-logging-writers:
Make SendEvent callable from all threads
* origin/topic/timw/906-find-all-urls-regex:
Restore previous url scheme capture group
GH-906: Fix the regex in url.zeek to better match for find_all_urls
