-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove longstanding deprecations #243
Comments
These are all the functions that were deprecated as of 2.6:
These are all the events that were deprecated as of 2.6:
|
This commit removed functions/events that have been deprecated in Bro 2.6. It also removes the detection code that checks if the old communication framework is used (since all the functions that are checked were removed). Addresses parts of GH-243
Broccoli was still present in the source in a few places, debug outputs that do no longer exist were too. Part of GH-243
Addresses part of zeek/zeek#243
To be more exact: &encrypt, &mergeable, &rotate_interval, &rotate_size Also removes no longer used redef-able constants: log_rotate_interval, log_max_size, log_encryption_key GH-243
I have the removal of value serialization mostly done in the branch topic/johanna/remove-serializer. The new clone implementation is merged into the branch and most tests pass. The missing piece (which I sadly did not get done this week) is that we need serialization/deserialization for the opaque types. My plan was to use the BinarySerialization format for this, since broker already uses it - the code for opaque value serialization would probably look a lot like the code that I just removed. Apart from that it looks like everything works. There might be a few additional places where other codeparts are now no longer needed because value serialization does not exist anymore - but all the big obvious pieces like the serializer, chunkedio, the serialization functions, type cloning are removed or implemented. I am happy to continue this in a few weeks - if anyone feels like taking over in the meantime that is also fine. |
Another piece where we need to think about what to do is event playback. Zeek supported event playback, where one could record events into a file and play it back. This is a little known about but kind of neat feature. Since this used the serialization framework, it does not work anymore. We can either completely remove it, let the remnants in the code for later re-implementation (reserving the keywords and command line option), or re-implement it, e.g. using the Binary Serialization format directly. |
Then reworked |
I'm taking a stab at the opaque serialization |
So the use case for this serialization is Broker, right? Sending opaques over Broker used to go through the serializer. Readding this will require bringing back some of the serialization machinery that we just removed. In addition to those virtual Serialize()/Unserialize() methods, we'll need a global registry of all OpaqueTypes that provides a factory function for each to create instances (we can't do that statically as we need to support plugins). A question is if, instead of going back to producing binary blobs through the Second thing here is that if we wanted to bring back the event replay, we'd need to extend serialization to all Thoughts on any of this? |
Having methods to (de)serialize via
I don't think event replay is worth much effort? I agree it's a "neat" thing that used to exist, but never really encountered a use-case for it? Another idea/hack for re-implementing it differently could be to convert the stream of events into |
I've went ahead with the direct serialization to Broker in |
Great - I will take a look and probably just merge that back into my branch :) |
…ization' into topic/johanna/remove-serializer * origin/topic/robin/gh-243-opaque-serialization: Reimplement serialization infrastructure for OpaqueVals. Couple of compile fixes.
Maybe 2 remaining things to do here:
|
I'll look into wrapping this up:
|
@jsiwek It would certainly be helpful if |
…ecation-removal' * origin/topic/jsiwek/gh-243-wrap-up-deprecation-removal: Improve deprecation warning messages Remove deprecated DNS events Remove BackDoor analyzer Remove InterConn analyzer Remove deprecated/unused irc_servers option Remove deprecated print_hook event Remove dead code: dump_used_event_handlers Remove unused software_version_found events Remove deprecated open_log_file and log_file_name functions Remove deprecated/unused "packet" type Un-deprecate anonymizer BIFs Un-deprecate file rotation functions
There's deprecated functionality that's been marked as such for a while, but never removed. Need to consider doing that for 2.7 finally. Maybe first warrants a policy decision on what length of time to allow before removing deprecations. My opinion is they should be guaranteed to exist for a single release (and its patch lifecycle).
We need to remove the following:
&synchronized
&persistent
,.state/state.bst
&encrypt
,&mergeable
,&rotate_interval
,&rotate_size
&&
and||
operators for patternsupdate
commandRemoteSerializer
and other things linked to that)when
support for watching globals (see Consider removing "when" support for monitoring globals #319)To make this possible, we need to add:
clone
implementation (tracked by Reimplement "clone" expression #293 )The text was updated successfully, but these errors were encountered: