* origin/topic/awelzel/conn-id-ctx-singleton:
RecordType: Allow field init deferral of deferrable record constructors
Conn: Use conn_id_ctx singleton
Conn: Add InitPostScript() and conn_id_ctx singleton
ID: Add conn_id_ctx
The ctx: conn_id_ctx &default=conn_id_ctx() field was not optimized
as deferrable even though by default its an empty record and so deferring
initialization seems safe. Open-code the special record constructor
expression case in ExprFieldInit so that the ctx field is not default
initialized at record construction anymore. I am wondering a bit if the
same applies to &default=set() and &default=table().
When a conn_id represents a ICMP "connection", we need to determine the
is_one_way flag for InitTuple() in order to skip any flipping of address
and ports for one-way ICMP connections.
Fixes#4645
* origin/topic/timw/coverity-fixes:
Fix a few other minor issues reported by Coverity
Add a few extra null checks, plus a missing initialization that led to a bad null check
Fix some integer overflow issues reported by Coverity
Ignore a couple of known-unused results reported by Coverity
Fix some bit-shifting overflow/UB issues reported by Coverity
Reset the value of a status variable in SQLite backend before using it in a loop
Fix a potential memory leak reported by Coverity
Avoid some string copies in IRC analyzer
Add some additional std::moves reported by Coverity
Fix an unsigned integer comparison reported by Coverity
Fix uninitialized class member Coverity findings
Handle uncaught exception during setup
Update gen-zam submodule for Coverity findings
* origin/topic/timw/storage-forced-sync:
Fix swapped storage metrics names
Add flag to force synchronous mode when calling storage script-land functions
* origin/topic/awelzel/control-switch-to-cluster:
NEWS: ZeekControl, ZeroMQ and WebSocket
Update zeekctl module for ClusterBackend and UseWebSocket
control: Use Cluster::publish() for replying
This adds a new PacketAnalyzer::PPPoE::session_id bif, which extracts
the PPPoE session ID from the current packet.
Furthermore, a new policy script is added which adds the pppoe session
id to the connection log.
Related to GH-4602
Switching to ZeroMQ as cluster backend and dabbling with zeekctl
and WebSocket, replies didn't arrive due to the usage of
Broker::publish() rather than Cluster::publish(). Additionally,
add the node name to the topic on which we reply so that the
receiver can figure out which node sent the reply. It could've
been a separate event parameter, but the topic appears just fine.
