ConnKey: Extend DoPopulateConnIdVal() with ctx

This prepares the move where ConnKey implementations should fill out ctx rather than filling conn_id directly. The API continues to receive both, conn_id and ctx, as adding fields to `conn_id` is reasonable use-case even if it's just for logging purposes.
2025-10-02 06:38:20 +00:00 · 2025-06-27 14:02:31 +02:00 · 2025-06-27 14:02:31 +02:00 · b7a22a87c6
commit b7a22a87c6
parent 112e3c1c03
7 changed files with 48 additions and 22 deletions
--- a/src/ConnKey.h
+++ b/src/ConnKey.h
@ -29,16 +29,22 @@ public:
    void Init(const Packet& pkt) { DoInit(pkt); }

    /**
-     * When Zeek renders a connection into a script-layer record, it calls this
-     * method to populate custom conn_id fields unique to this ConnKey, such as
-     * VLAN fields. This only needs to populate in fields in addition to Zeek's
-     * five-tuple (i.e., complete the record, not populate all of it).
+     * Populates the conn_id and conn_id_ctx records.
+     *
+     * When Zeek renders a connection key into a script-layer record, it calls this
+     * method to populate the conn_id's and conn_id_ctx's fields that are unique to
+     * this ConnKey.
+     *
+     * Currently, \a conn_id and \a ctx will always have the script-layer types conn_id
+     * and conn_id_ctx. They could be of different types in the future for non-IP
+     * connections.
     *
     * The default implementation does nothing.
     *
     * @param conn_id The conn_id record to populate.
+     * @param ctx The conn_id's ctx record to populate.
     */
-    void PopulateConnIdVal(RecordVal& conn_id) { DoPopulateConnIdVal(conn_id); };
+    void PopulateConnIdVal(RecordVal& conn_id, RecordVal& ctx) { DoPopulateConnIdVal(conn_id, ctx); };

    /**
     * Return a non-owning session::detail::Key instance for connection lookups.
@ -72,9 +78,20 @@ protected:
    /**
     * Hook method for ConnKey::PopulateConnIdVal.
     *
+     * When Zeek renders a connection key into a script-layer record, it calls this
+     * method to populate the conn_id's and conn_id_ctx's fields that are unique to
+     * this ConnKey.
+     *
+     * Currently, \a conn_id and \a ctx will always have the script-layer types conn_id
+     * and conn_id_ctx. They could be of different types in the future for non-IP
+     * connections.
+     *
     * The default implementation does nothing.
+     *
+     * @param conn_id The conn_id record to populate.
+     * @param ctx The conn_id's ctx record to populate.
     */
-    virtual void DoPopulateConnIdVal(RecordVal& conn_id) {}
+    virtual void DoPopulateConnIdVal(RecordVal& conn_id, RecordVal& ctx) {}

    /**
     * Hook method for implementing ConnKey::SessionKey.