Merge pull request #2610 in SNORT/snort3 from ~SHASLAD/snort3:language_correction_1...

Squashed commit of the following:

commit 40baacb8e5f963d60e6abf34f3d12cb2174f023b
Author: Shashi Lad <shaslad@cisco.com>
Date:   Tue Nov 10 09:28:18 2020 -0500

    appid: change terms used in code, logs and peg counts

commit 10e1181a941eda0805666dc3da48cbba35806636
Author: Shashi Lad <shaslad@cisco.com>
Date:   Tue Nov 10 09:28:08 2020 -0500

    shell: change terms used in code, logs and peg counts

diff --git a/src/main/shell.cc b/src/main/shell.cc
index f42f541d856f1a6367d78143886d3a189960a2fa..da8386ba8d14f7f6d99a11cdcdb3647f62af5ebc 100644 (file)
--- a/src/main/shell.cc
+++ b/src/main/shell.cc
@@ -110,40 +110,40 @@ void Shell::clear_config_output()
     s_current_node = nullptr;
 }
 
-bool Shell::is_whitelisted(const std::string& key)
+bool Shell::is_trusted(const std::string& key)
 {
     Shell* sh = Shell::get_current_shell();
 
     if ( !sh )
         return false;
 
-    const Whitelist& whitelist = sh->get_whitelist();
-    const Whitelist& internal_whitelist = sh->get_internal_whitelist();
-    const Whitelist& whitelist_prefixes = sh->get_whitelist_prefixes();
+    const Allowlist& allowlist = sh->get_allowlist();
+    const Allowlist& internal_allowlist = sh->get_internal_allowlist();
+    const Allowlist& allowlist_prefixes = sh->get_allowlist_prefixes();
 
-    for ( const auto& prefix : whitelist_prefixes )
+    for ( const auto& prefix : allowlist_prefixes )
     {
         if (key.compare(0, prefix.length(), prefix) == 0)
             return true;
     }
 
-    if ( whitelist.find(key) != whitelist.end() )
+    if ( allowlist.find(key) != allowlist.end() )
         return true;
 
-    if ( internal_whitelist.find(key) != internal_whitelist.end() )
+    if ( internal_allowlist.find(key) != internal_allowlist.end() )
         return true;
 
     return false;
 }
 
-void Shell::whitelist_append(const char* keyword, bool is_prefix)
+void Shell::allowlist_append(const char* keyword, bool is_prefix)
 {
     Shell* sh = Shell::get_current_shell();
 
     if ( !sh )
         return;
 
-    sh->whitelist_update(keyword, is_prefix);
+    sh->allowlist_update(keyword, is_prefix);
 }
 
 void Shell::config_open_table(bool is_root_node, bool is_list, int idx,
@@ -440,11 +440,11 @@ bool Shell::configure(SnortConfig* sc, bool is_fatal, bool is_root)
         load_string(lua, overrides.c_str());
 
     if ( SnortConfig::log_verbose() )
-        print_whitelist();
+        print_allowlist();
 
     load_string(lua, ModuleManager::get_lua_finalize());
 
-    clear_whitelist();
+    clear_allowlist();
 
     auto config_output = Shell::get_current_shell()->s_config_output;
     if ( config_output )
@@ -499,7 +499,7 @@ void Shell::execute(const char* cmd, string& rsp)
 // Helper methods
 //-------------------------------------------------------------------------
 
-static void print_list(const Shell::Whitelist& wlist, const std::string& msg)
+static void print_list(const Shell::Allowlist& wlist, const std::string& msg)
 {
     LogMessage("\t%s\n", msg.c_str());
     std::string list;
@@ -520,31 +520,31 @@ static void print_list(const Shell::Whitelist& wlist, const std::string& msg)
 // private methods
 //-------------------------------------------------------------------------
 
-void Shell::print_whitelist() const
+void Shell::print_allowlist() const
 {
     std::string output;
-    if ( !whitelist.empty() )
+    if ( !allowlist.empty() )
     {
-        output = "Lua Whitelist Keywords for " + file + ":";
-        print_list(whitelist, output);
+        output = "Lua Allowlist Keywords for " + file + ":";
+        print_list(allowlist, output);
     }
 
-    if ( !whitelist_prefixes.empty() )
+    if ( !allowlist_prefixes.empty() )
     {
-        output = "Lua Whitelist Prefixes for " + file + ":";
-        print_list(whitelist_prefixes, output);
+        output = "Lua Allowlist Prefixes for " + file + ":";
+        print_list(allowlist_prefixes, output);
     }
 }
 
-void Shell::whitelist_update(const char* s, bool is_prefix)
+void Shell::allowlist_update(const char* s, bool is_prefix)
 {
-    Whitelist* wlist = nullptr;
+    Allowlist* wlist = nullptr;
     if ( is_prefix )
-        wlist = &whitelist_prefixes;
+        wlist = &allowlist_prefixes;
     else if ( !bootstrapped )
-        wlist = &internal_whitelist;
+        wlist = &internal_allowlist;
     else
-        wlist = &whitelist;
+        wlist = &allowlist;
 
     if ( s )
         wlist->emplace(s);

diff --git a/src/main/shell.h b/src/main/shell.h
index e72e056a97e6d8a74374292d5836b84f8a975bbf..bcab4e3b1a55cfab6b7f50ef9d55d2d65c13e4ba 100644 (file)
--- a/src/main/shell.h
+++ b/src/main/shell.h
@@ -44,7 +44,7 @@ class Value;
 class Shell
 {
 public:
-    typedef std::set<std::string> Whitelist;
+    typedef std::set<std::string> Allowlist;
 
     Shell(const char* file = nullptr, bool load_defaults = false);
     ~Shell();
@@ -67,8 +67,8 @@ public:
     { return loaded; }
 
 public:
-    static bool is_whitelisted(const std::string& key);
-    static void whitelist_append(const char* keyword, bool is_prefix);
+    static bool is_trusted(const std::string& key);
+    static void allowlist_append(const char* keyword, bool is_prefix);
 
     static void config_open_table(bool is_root_node, bool is_list, int idx,
         const std::string& table_name, const snort::Parameter* p);
@@ -94,24 +94,24 @@ private:
     static bool s_close_table;
 
 private:
-    void clear_whitelist()
+    void clear_allowlist()
     {
-        whitelist.clear();
-        internal_whitelist.clear();
-        whitelist_prefixes.clear();
+        allowlist.clear();
+        internal_allowlist.clear();
+        allowlist_prefixes.clear();
     }
 
-    const Whitelist& get_whitelist() const
-    { return whitelist; }
+    const Allowlist& get_allowlist() const
+    { return allowlist; }
 
-    const Whitelist& get_internal_whitelist() const
-    { return internal_whitelist; }
+    const Allowlist& get_internal_allowlist() const
+    { return internal_allowlist; }
 
-    const Whitelist& get_whitelist_prefixes() const
-    { return whitelist_prefixes; }
+    const Allowlist& get_allowlist_prefixes() const
+    { return allowlist_prefixes; }
 
-    void print_whitelist() const;
-    void whitelist_update(const char* keyword, bool is_prefix);
+    void print_allowlist() const;
+    void allowlist_update(const char* keyword, bool is_prefix);
 
 private:
     bool loaded;
@@ -120,9 +120,9 @@ private:
     std::string file;
     std::string parse_from;
     std::string overrides;
-    Whitelist whitelist;
-    Whitelist internal_whitelist;
-    Whitelist whitelist_prefixes;
+    Allowlist allowlist;
+    Allowlist internal_allowlist;
+    Allowlist allowlist_prefixes;
     ConfigData config_data;
 };
 

diff --git a/src/managers/module_manager.cc b/src/managers/module_manager.cc
index 6c9175f97bb5a42027a99d9177fbf6148dd41cee..49a7d7618ac22deea813760a9cae07cd0ce1af44 100644 (file)
--- a/src/managers/module_manager.cc
+++ b/src/managers/module_manager.cc
@@ -645,12 +645,12 @@ SO_PUBLIC bool set_alias(const char* from, const char* to)
 
 SO_PUBLIC void snort_whitelist_append(const char* s)
 {
-    Shell::whitelist_append(s, false);
+    Shell::allowlist_append(s, false);
 }
 
 SO_PUBLIC void snort_whitelist_add_prefix(const char* s)
 {
-    Shell::whitelist_append(s, true);
+    Shell::allowlist_append(s, true);
 }
 
 SO_PUBLIC bool open_table(const char* s, int idx)
@@ -670,7 +670,7 @@ SO_PUBLIC bool open_table(const char* s, int idx)
 
     if ( !h || (h->api && h->api->type == PT_IPS_OPTION) )
     {
-        if ( !Shell::is_whitelisted(key) )
+        if ( !Shell::is_trusted(key) )
             ParseWarning(WARN_CONF_STRICT, "unknown table %s", key.c_str());
         return false;
     }

diff --git a/src/network_inspectors/appid/appid_session_api.cc b/src/network_inspectors/appid/appid_session_api.cc
index 00511ad1e00800f57c45538bd9a07afbf2b80b8b..4898d44e7fda1ca44112850a2d9bf394db0e5470 100644 (file)
--- a/src/network_inspectors/appid/appid_session_api.cc
+++ b/src/network_inspectors/appid/appid_session_api.cc
@@ -31,7 +31,7 @@
 #include "service_plugins/service_bootp.h"
 #include "service_plugins/service_netbios.h"
 
-#define SSL_WHITELIST_PKT_LIMIT 20
+#define SSL_ALLOWLIST_PKT_LIMIT 20
 
 using namespace snort;
 
@@ -209,7 +209,7 @@ bool AppIdSessionApi::is_appid_inspecting_session() const
         asd->get_session_flags(APPID_SESSION_HTTP_SESSION | APPID_SESSION_CONTINUE) or
         (asd->get_session_flags(APPID_SESSION_ENCRYPTED) and
             (asd->get_session_flags(APPID_SESSION_DECRYPTED) or
-            asd->session_packet_count < SSL_WHITELIST_PKT_LIMIT)) )
+            asd->session_packet_count < SSL_ALLOWLIST_PKT_LIMIT)) )
     {
         return true;
     }

diff --git a/src/network_inspectors/appid/test/appid_session_api_test.cc b/src/network_inspectors/appid/test/appid_session_api_test.cc
index 25c142f3d94be1a332aada9177a01b31c68956d4..5d9bab02266dac139810d00072b0c79e531d8229 100644 (file)
--- a/src/network_inspectors/appid/test/appid_session_api_test.cc
+++ b/src/network_inspectors/appid/test/appid_session_api_test.cc
@@ -166,7 +166,7 @@ TEST(appid_session_api, is_appid_inspecting_session)
     val = mock_session->get_api().is_appid_inspecting_session();
     CHECK_TRUE(val);
     mock_session->set_session_flags(APPID_SESSION_DECRYPTED);
-    mock_session->session_packet_count = SSL_WHITELIST_PKT_LIMIT;
+    mock_session->session_packet_count = SSL_ALLOWLIST_PKT_LIMIT;
     val = mock_session->get_api().is_appid_inspecting_session();
     CHECK_TRUE(val);