conn_key/fivetuple: Drop support for non conn_id records

Previously, we supported any records that happened to have orig_h,
resp_h, etc. fields, but it's not exactly clear why we ever did. Users
that relied on this can instantiate an explicit conn_id instance, too.

NEWS

@@ -16,6 +16,10 @@ Breaking Changes
   files. We tested builds of all of the existing third-party packages and only noticed one
   or two failures, but there is a possibility for breakage related to this cleanup.
 
+- The ``lookup_connection()`` and ``connection_exists()`` builtin functions
+  now require ``conn_id`` instances as argument, rather than internally supporting
+  duck type matching ``conn_id``-like records.
+
 - Network timestamps are not added to events by default anymore. Use the following
   redef line to enable them:
 

src/packet_analysis/protocol/ip/conn_key/fivetuple/Factory.cc

@@ -2,6 +2,7 @@
 
 #include "zeek/packet_analysis/protocol/ip/conn_key/fivetuple/Factory.h"
 
+#include "zeek/Desc.h"
 #include "zeek/IP.h"
 #include "zeek/Val.h"
 #include "zeek/packet_analysis/protocol/ip/conn_key/IPBasedConnKey.h"
@@ -12,44 +13,21 @@ namespace zeek::conn_key::fivetuple {
 zeek::ConnKeyPtr Factory::DoNewConnKey() const { return std::make_unique<zeek::IPConnKey>(); }
 
 zeek::expected<zeek::ConnKeyPtr, std::string> Factory::DoConnKeyFromVal(const zeek::Val& v) const {
-    static auto unexpected_conn_id = zeek::unexpected<std::string>{"invalid connection ID record encountered"};
     auto ck = NewConnKey();
     auto* ick = static_cast<zeek::IPBasedConnKey*>(ck.get());
     auto& pt = ick->PackedTuple();
-    const auto& vt = v.GetType();
 
-    if ( ! IsRecord(vt->Tag()) )
+    if ( v.GetType() != id::conn_id )
-        return unexpected_conn_id;
+        return zeek::unexpected<std::string>{
+            util::fmt("expected conn_id, got %s", obj_desc_short(v.GetType()).c_str())};
 
-    auto* vr = vt->AsRecordType();
     auto vl = v.AsRecordVal();
 
     // Indices into conn_id's record field value list:
-    int orig_h = 0, orig_p = 1, resp_h = 2, resp_p = 3, proto = 4;
+    constexpr int orig_h = 0, orig_p = 1, resp_h = 2, resp_p = 3, proto = 4, ctx = 5;
-
-    if ( vr != id::conn_id ) {
-        // While it's not a conn_id, it may have equivalent fields.
-        orig_h = vr->FieldOffset("orig_h");
-        resp_h = vr->FieldOffset("resp_h");
-        orig_p = vr->FieldOffset("orig_p");
-        resp_p = vr->FieldOffset("resp_p");
-        proto = vr->FieldOffset("proto");
-
-        // clang-format off
-        if ( orig_h < 0 || vr->GetFieldType(orig_h)->Tag() != TYPE_ADDR ||
-	     resp_h < 0 || vr->GetFieldType(resp_h)->Tag() != TYPE_ADDR ||
-	     orig_p < 0 || vr->GetFieldType(orig_p)->Tag() != TYPE_PORT ||
-	     resp_p < 0 || vr->GetFieldType(resp_p)->Tag() != TYPE_PORT ||
-	     proto < 0  || vr->GetFieldType(proto)->Tag() != TYPE_COUNT ) {
-            return unexpected_conn_id;
-        }
-        // clang-format on
-    }
-
     if ( ! vl->HasField(orig_h) || ! vl->HasField(resp_h) || ! vl->HasField(orig_p) || ! vl->HasField(resp_p) ||
-         ! vl->HasField(proto) ) {
+         ! vl->HasField(proto) || ! vl->HasField(ctx) )
-        return unexpected_conn_id;
+        return zeek::unexpected<std::string>{"invalid connection ID record encountered"};
-    }
 
     const IPAddr& orig_addr = vl->GetFieldAs<AddrVal>(orig_h);
     const IPAddr& resp_addr = vl->GetFieldAs<AddrVal>(resp_h);
@@ -67,8 +45,6 @@ zeek::expected<zeek::ConnKeyPtr, std::string> Factory::DoConnKeyFromVal(const ze
 
     ick->InitTuple(orig_addr, htons(orig_portv->Port()), resp_addr, htons(resp_portv->Port()), proto16_t);
 
-    // Asserting here on the absence of errors can fail btests.
-
     return ck;
 }