GH-1119: add base/protcols/conn/removal-hooks.zeek

This adds two new functions: `Conn::register_removal_hook()` and
`Conn::unregister_removal_hook()` for registering a hook function to be
called back during `connection_state_remove`.  The benefit of using hook
callback approach is better scalability: the overhead of unrelated
protocols having to dispatch no-op `connection_state_remove` handlers is
avoided.

scripts/base/protocols/irc/dcc-send.zeek

@@ -12,6 +12,7 @@
 @load ./main
 @load base/utils/files
 @load base/frameworks/cluster
+@load base/protocols/conn/removal-hooks
 
 module IRC;
 
@@ -24,6 +25,10 @@ export {
 		## Sniffed mime type of the file.
 		dcc_mime_type:         string &log &optional;
 	};
+
+	## IRC DCC data finalization hook.  Remaining expected IRC DCC state may be
+	## purged when it's called.
+	global finalize_irc_data: Conn::RemovalHook;
 }
 
 global dcc_expected_transfers: table[addr, port] of Info &read_expire=5mins;
@@ -121,10 +126,13 @@ event scheduled_analyzer_applied(c: connection, a: Analyzer::Tag) &priority=10
 	{
 	local id = c$id;
 	if ( [id$resp_h, id$resp_p] in dcc_expected_transfers )
+		{
 		add c$service["irc-dcc-data"];
+		Conn::register_removal_hook(c, finalize_irc_data);
+		}
 	}
 
-event connection_state_remove(c: connection) &priority=-5
+hook finalize_irc_data(c: connection)
 	{
 	if ( [c$id$resp_h, c$id$resp_p] in dcc_expected_transfers )
 		{