static int DatasetAddwRep(Dataset *set, const uint8_t *data, const uint32_t data_len,
DataRepType *rep);
+enum DatasetTypes DatasetGetTypeFromString(const char *s)
+{
+ if (strcasecmp("md5", s) == 0)
+ return DATASET_TYPE_MD5;
+ if (strcasecmp("sha256", s) == 0)
+ return DATASET_TYPE_SHA256;
+ if (strcasecmp("string", s) == 0)
+ return DATASET_TYPE_STRING;
+ return DATASET_TYPE_NOTSET;
+}
+
static Dataset *DatasetAlloc(const char *name)
{
Dataset *set = SCCalloc(1, sizeof(*set));
return NULL;
}
-Dataset *DatasetGetByName(const char *name)
-{
- Dataset *set = DatasetSearchByName(name);
- if (set)
- return set;
-
- return DatasetAlloc(name);
-}
-
-
static int HexToRaw(const uint8_t *in, size_t ins, uint8_t *out, size_t outs)
{
if (ins % 2 != 0)
SCLogNotice("in_path \'%s\' => \'%s\'", in_path, out_path);
}
+/** \brief look for set by name without creating it */
+Dataset *DatasetFind(const char *name, enum DatasetTypes type)
+{
+ SCMutexLock(&sets_lock);
+ Dataset *set = DatasetSearchByName(name);
+ if (set) {
+ if (set->type != type) {
+ SCMutexUnlock(&sets_lock);
+ return NULL;
+ }
+ }
+ SCMutexUnlock(&sets_lock);
+ return set;
+}
+
Dataset *DatasetGet(const char *name, enum DatasetTypes type,
const char *save, const char *load)
{
}
return -1;
}
+
+/** \brief add serialized data to set */
+int DatasetAddSerialized(Dataset *set, const char *string)
+{
+ if (set == NULL)
+ return -1;
+
+ switch (set->type) {
+ case DATASET_TYPE_STRING: {
+ uint8_t decoded[strlen(string)];
+ uint32_t len = DecodeBase64(decoded, (const uint8_t *)string, strlen(string), 1);
+ if (len == 0) {
+ return -1;
+ }
+
+ return DatasetAddString(set, decoded, len);
+ }
+ case DATASET_TYPE_MD5: {
+ if (strlen(string) != 32)
+ return -1;
+ uint8_t hash[16];
+ if (HexToRaw((const uint8_t *)string, 32, hash, sizeof(hash)) < 0)
+ return -1;
+ return DatasetAddMd5(set, hash, 16);
+ }
+ case DATASET_TYPE_SHA256: {
+ if (strlen(string) != 64)
+ return -1;
+ uint8_t hash[32];
+ if (HexToRaw((const uint8_t *)string, 64, hash, sizeof(hash)) < 0)
+ return -1;
+ return DatasetAddSha256(set, hash, 32);
+ }
+ }
+ return -1;
+}
struct Dataset *next;
} Dataset;
-Dataset *DatasetGetByName(const char *name);
+enum DatasetTypes DatasetGetTypeFromString(const char *s);
+Dataset *DatasetFind(const char *name, enum DatasetTypes type);
Dataset *DatasetGet(const char *name, enum DatasetTypes type,
const char *save, const char *load);
int DatasetAdd(Dataset *set, const uint8_t *data, const uint32_t data_len);
int DatasetLookup(Dataset *set, const uint8_t *data, const uint32_t data_len);
DataRepResultType DatasetLookupwRep(Dataset *set, const uint8_t *data, const uint32_t data_len,
const DataRepType *rep);
+int DatasetAddSerialized(Dataset *set, const char *string);
#endif /* __DATASETS_H__ */
#include "conf-yaml-loader.h"
+#include "datasets.h"
+
int unix_socket_mode_is_running = 0;
typedef struct PcapFiles_ {
}
#ifdef BUILD_UNIX_SOCKET
+/**
+ * \brief Command to add data to a dataset
+ *
+ * \param cmd the content of command Arguments as a json_t object
+ * \param answer the json_t object that has to be used to answer
+ * \param data pointer to data defining the context here a PcapCommand::
+ */
+TmEcode UnixSocketDatasetAdd(json_t *cmd, json_t* answer, void *data)
+{
+ /* 1 get dataset name */
+ json_t *narg = json_object_get(cmd, "setname");
+ if (!json_is_string(narg)) {
+ json_object_set_new(answer, "message", json_string("setname is not a string"));
+ return TM_ECODE_FAILED;
+ }
+ const char *set_name = json_string_value(narg);
+
+ /* 2 get the data type */
+ json_t *targ = json_object_get(cmd, "settype");
+ if (!json_is_string(targ)) {
+ json_object_set_new(answer, "message", json_string("settype is not a string"));
+ return TM_ECODE_FAILED;
+ }
+ const char *type = json_string_value(targ);
+
+ /* 3 get value */
+ json_t *varg = json_object_get(cmd, "datavalue");
+ if (!json_is_string(varg)) {
+ json_object_set_new(answer, "message", json_string("datavalue is not string"));
+ return TM_ECODE_FAILED;
+ }
+ const char *value = json_string_value(varg);
+
+ SCLogNotice("dataset-add: %s type %s value %s", set_name, type, value);
+
+ enum DatasetTypes t = DatasetGetTypeFromString(type);
+
+ Dataset *set = DatasetFind(set_name, t);
+ if (set == NULL) {
+ json_object_set_new(answer, "message", json_string("set not found or wrong type"));
+ return TM_ECODE_FAILED;
+ }
+
+ int r = DatasetAddSerialized(set, value);
+ if (r == 1) {
+ json_object_set_new(answer, "message", json_string("data added"));
+ return TM_ECODE_OK;
+ } else if (r == 0) {
+ json_object_set_new(answer, "message", json_string("data already in set"));
+ return TM_ECODE_OK;
+ } else {
+ json_object_set_new(answer, "message", json_string("failed to add data"));
+ return TM_ECODE_FAILED;
+ }
+}
+
/**
* \brief Command to add a tenant handler
*
TmEcode UnixSocketPcapFile(TmEcode tm, struct timespec *last_processed);
#ifdef BUILD_UNIX_SOCKET
+TmEcode UnixSocketDatasetAdd(json_t *cmd, json_t* answer, void *data);
TmEcode UnixSocketRegisterTenantHandler(json_t *cmd, json_t* answer, void *data);
TmEcode UnixSocketUnregisterTenantHandler(json_t *cmd, json_t* answer, void *data);
TmEcode UnixSocketRegisterTenant(json_t *cmd, json_t* answer, void *data);
UnixManagerRegisterCommand("memcap-show", UnixSocketShowMemcap, &command, UNIX_CMD_TAKE_ARGS);
UnixManagerRegisterCommand("memcap-list", UnixSocketShowAllMemcap, NULL, 0);
+ UnixManagerRegisterCommand("dataset-add", UnixSocketDatasetAdd, &command, UNIX_CMD_TAKE_ARGS);
+
return 0;
}
projects / thirdparty / suricata.git / commitdiff
