Merge pull request #2284 in SNORT/snort3 from ~BBANTWAL/snort3:print_whitelist to...

Squashed commit of the following:

commit f573e9cb7de962831d8269ce665303027c3bc78b
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Tue Jun 23 23:56:48 2020 -0400

    managers: format lua whitelist output and ignore internal whitelist keywords

diff --git a/src/log/messages.cc b/src/log/messages.cc
index b95104d4c3ad3579c9bec144c333453db242d11a..e805d987fa1257e909c5ee397b266e9f62d5a8b6 100644 (file)
--- a/src/log/messages.cc
+++ b/src/log/messages.cc
@@ -505,5 +505,31 @@ void ConfigLogger::log_list(const char* caption, const char* list, const char* p
 
     LogMessage(fmt, ind, caption, delim, prefix, res.c_str());
 }
+
+void ConfigLogger::log_list(const char* list)
+{
+    if ( !list or !list[0] )
+        return;
+
+    std::stringstream ss(list);
+    std::string res;
+    std::string val;
+
+    while (ss >> val)
+    {
+        if ( res.length() + val.length() > max_line_len )
+        {
+            LogMessage("\t\t%s\n", res.c_str());
+            res.clear();
+        }
+
+        if (!res.empty())
+            res += ' ';
+
+        res += val;
+    }
+
+    LogMessage("\t\t%s\n", res.c_str());
+}
 } //namespace snort
 

diff --git a/src/log/messages.h b/src/log/messages.h
index b0b93ca54694c9c53f3b5fa970a2d738f3e6334a..a2ab4d28290e6484adf159fb45ccdbeb7b1d0ea7 100644 (file)
--- a/src/log/messages.h
+++ b/src/log/messages.h
@@ -83,6 +83,7 @@ public:
     static void log_value(const char* caption, double n, bool subopt = false);
     static void log_value(const char* caption, const char* str, bool subopt = false);
     static void log_list(const char* caption, const char* list, const char* prefix = " ", bool subopt = false);
+    static void log_list(const char* list);
 private:
     static constexpr int indention = 25;
     static constexpr int max_line_len = 75;

diff --git a/src/main/shell.cc b/src/main/shell.cc
index 8992b195bbc1621379f612cb1f71775e78595821..b20f116662e94fde3a44a16ee930425b1124eb29 100644 (file)
--- a/src/main/shell.cc
+++ b/src/main/shell.cc
@@ -73,6 +73,7 @@ bool Shell::is_whitelisted(const std::string& key)
         return false;
 
     const Whitelist& whitelist = sh->get_whitelist();
+    const Whitelist& internal_whitelist = sh->get_internal_whitelist();
     const Whitelist& whitelist_prefixes = sh->get_whitelist_prefixes();
 
     for ( const auto& prefix : whitelist_prefixes )
@@ -84,6 +85,9 @@ bool Shell::is_whitelisted(const std::string& key)
     if ( whitelist.find(key) != whitelist.end() )
         return true;
 
+    if ( internal_whitelist.find(key) != internal_whitelist.end() )
+        return true;
+
     return false;
 }
 
@@ -176,6 +180,7 @@ Shell::Shell(const char* s, bool load_defaults)
 
     loaded = false;
     load_string(lua, ModuleManager::get_lua_bootstrap());
+    bootstrapped = true;
 
     if ( load_defaults )
         load_string(lua, ModuleManager::get_lua_coreinit());
@@ -304,6 +309,27 @@ void Shell::execute(const char* cmd, string& rsp)
     }
 }
 
+//-------------------------------------------------------------------------
+// Helper methods
+//-------------------------------------------------------------------------
+
+static void print_list(const Shell::Whitelist& wlist, const std::string& msg)
+{
+    LogMessage("\t%s\n", msg.c_str());
+    std::string list;
+
+    for ( const auto& wl : wlist )
+    {
+        list += wl;
+        list += ", ";
+    }
+
+    if ( !list.empty() )
+        list.erase(list.end() - 2, list.end());
+
+    ConfigLogger::log_list(list.c_str());
+}
+
 //-------------------------------------------------------------------------
 // private methods
 //-------------------------------------------------------------------------
@@ -314,17 +340,13 @@ void Shell::print_whitelist() const
     if ( !whitelist.empty() )
     {
         output = "Lua Whitelist Keywords for " + file + ":";
-        LogMessage("\t%s\n",output.c_str());
-        for ( const auto& wl : whitelist )
-            LogMessage("\t\t%s\n", wl.c_str());
+        print_list(whitelist, output);
     }
 
     if ( !whitelist_prefixes.empty() )
     {
         output = "Lua Whitelist Prefixes for " + file + ":";
-        LogMessage("\t%s\n",output.c_str());
-        for ( const auto& wlp : whitelist_prefixes )
-            LogMessage("\t\t%s\n", wlp.c_str());
+        print_list(whitelist_prefixes, output);
     }
 }
 
@@ -333,6 +355,8 @@ void Shell::whitelist_update(const char* s, bool is_prefix)
     Whitelist* wlist = nullptr;
     if ( is_prefix )
         wlist = &whitelist_prefixes;
+    else if ( !bootstrapped )
+        wlist = &internal_whitelist;
     else
         wlist = &whitelist;
 

diff --git a/src/main/shell.h b/src/main/shell.h
index 4f26b0ad07747b3adc2116a6ca92a78e6123f47e..e3578105af7e32d92958d048a736c05b1d2b0ff0 100644 (file)
--- a/src/main/shell.h
+++ b/src/main/shell.h
@@ -74,12 +74,16 @@ private:
     void clear_whitelist()
     {
         whitelist.clear();
+        internal_whitelist.clear();
         whitelist_prefixes.clear();
     }
 
     const Whitelist& get_whitelist() const
     { return whitelist; }
 
+    const Whitelist& get_internal_whitelist() const
+    { return internal_whitelist; }
+
     const Whitelist& get_whitelist_prefixes() const
     { return whitelist_prefixes; }
 
@@ -88,11 +92,13 @@ private:
 
 private:
     bool loaded;
+    bool bootstrapped = false;
     lua_State* lua;
     std::string file;
     std::string parse_from;
     std::string overrides;
     Whitelist whitelist;
+    Whitelist internal_whitelist;
     Whitelist whitelist_prefixes;
 };