* origin/topic/timw/776-using-statements:
Remove 'using namespace std' from SerialTypes.h
Remove other using statements from headers
GH-776: Remove using statements added by PR 770
Includes small fixes in files that changed since the merge request was
made.
Also includes a few small indentation fixes.
This unfortunately cuases a ton of flow-down changes because a lot of other
code was depending on that definition existing. This has a fairly large chance
to break builds of external plugins, considering how many internal ones it broke.
Added ConnectionEventFast() and QueueEventFast() methods to avoid
redundant event handler existence checks.
It's common practice for caller to already check for event handler
existence before doing all the work of constructing the arguments, so
it's desirable to not have to check for existence again.
E.g. going through ConnectionEvent() means 3 existence checks:
one you do yourself before calling it, one in ConnectionEvent(), and then
another in QueueEvent().
The existence check itself can be more than a few operations sometimes
as it needs to check a few flags that determine if it's enabled, has
a local body, or has any remote receivers in the old comm. system or
has been flagged as something to publish in the new comm. system.
Majority of PLists are now created as automatic/stack objects,
rather than on heap and initialized either with the known-capacity
reserved upfront or directly from an initializer_list (so there's no
wasted slack in the memory that gets allocated for lists containing
a fixed/known number of elements).
Added versions of the ConnectionEvent/QueueEvent methods that take
a val_list by value.
Added a move ctor/assign-operator to Plists to allow passing them
around without having to copy the underlying array of pointers.
In ContentLine_Analyzer, prevent excessively long lines being assembled.
The line length will default to just under 16MB, but can be overriden on
a per-analyzer basis. This is done for the finger,ident, and irc
analyzers.
* 'master' of https://github.com/marktayl/bro:
Better multi-space separator handling.
Also tweak multi-space separator handline some more and add test-case
triggering the new behavior.
1) IRC spec indicates "one or more spaces" separating parameters, so be better at handling multiple space separators.
2) Have "length" track against "myline", since it continues to be used against it.
3) "WHO" command's parameters are optional.
When testing against irc-dcc-send.trace, I didn't see an irc_quit_message event generated for the QUIT command at the end of the trace, but rather a weird.log "irc_invalid_line" for the packet: the IRC packet parser wasn't allowing commands without parameters.
The missing break did not cause any issues besides one extra
(unspecialized) event being fired in addition to the actual
starttls event.
Found by Aaron Eppert
Due to a logic bug, once an "irc_privmsg_message" event handler is created, *all* IRC events were routed down the code path, generally creating a Weird("irc_invalid_privmsg_message_format") event and terminating the inspection.
