Merge pull request #2446 in SNORT/snort3 from ~MASHASAN/snort3:fp_reload to master

Squashed commit of the following:

commit 6971b4c9c09c425532ccf946106d911f16b50d56
Author: Masud Hasan <mashasan@cisco.com>
Date:   Mon Aug 31 17:01:52 2020 -0400

    rna: Removing unused command and exporting swapper

diff --git a/src/main/CMakeLists.txt b/src/main/CMakeLists.txt
index 502e5710dc6951540aaa09681550ac78d3247e69..5e23a2708278b0c382ffb4070d0895e4409c30d4 100644 (file)
--- a/src/main/CMakeLists.txt
+++ b/src/main/CMakeLists.txt
@@ -6,6 +6,7 @@ set (INCLUDES
     snort_config.h
     snort_debug.h
     snort_types.h
+    swapper.h
     thread.h
     thread_config.h
 )
@@ -39,7 +40,6 @@ add_library (main OBJECT
     snort_module.h
     snort_module.cc
     swapper.cc
-    swapper.h
     thread.cc
     thread_config.h
     thread_config.cc

diff --git a/src/main/swapper.h b/src/main/swapper.h
index beca13f9dc595a1fdbe911191f9a5e68d3ad6589..4defaaf8e19ed37d38a29c65cd61751780847b43 100644 (file)
--- a/src/main/swapper.h
+++ b/src/main/swapper.h
@@ -22,6 +22,8 @@
 
 // used to make thread local, pointer-based config swaps by packet threads
 
+#include "main/snort_types.h"
+
 namespace snort
 {
 struct SnortConfig;
@@ -29,7 +31,7 @@ struct SnortConfig;
 
 class Analyzer;
 
-class Swapper
+class SO_PUBLIC Swapper
 {
 public:
     Swapper(snort::SnortConfig*);

diff --git a/src/network_inspectors/rna/rna_fingerprint_tcp.h b/src/network_inspectors/rna/rna_fingerprint_tcp.h
index 4331c00361b5dc1b06dbf1539bebf4d2c2ddb806..a6e8877c345a2d07d58c2ad8ca7091e1838ffc2f 100644 (file)
--- a/src/network_inspectors/rna/rna_fingerprint_tcp.h
+++ b/src/network_inspectors/rna/rna_fingerprint_tcp.h
@@ -123,7 +123,7 @@ private:
 }
 
 snort::TcpFpProcessor* get_tcp_fp_processor();
-void set_tcp_fp_processor(snort::TcpFpProcessor*);
+SO_PUBLIC void set_tcp_fp_processor(snort::TcpFpProcessor*);
 
 struct FpFingerprintState
 {

diff --git a/src/network_inspectors/rna/rna_inspector.cc b/src/network_inspectors/rna/rna_inspector.cc
index e70fc14f1ed715f2366a1e5783313bc9126c55bf..a1223824355ad2961fed16c02526b8c4fab73cec 100644 (file)
--- a/src/network_inspectors/rna/rna_inspector.cc
+++ b/src/network_inspectors/rna/rna_inspector.cc
@@ -200,6 +200,14 @@ TcpFpProcessor* RnaInspector::get_or_create_fp_processor()
     return nullptr;
 }
 
+void RnaInspector::set_fp_processor(TcpFpProcessor* tfp)
+{
+    if ( mod_conf )
+    {
+        delete mod_conf->processor;
+        mod_conf->processor = tfp;
+    }
+}
 
 //-------------------------------------------------------------------------
 // api stuff

diff --git a/src/network_inspectors/rna/rna_inspector.h b/src/network_inspectors/rna/rna_inspector.h
index 44658593d5cb409c292c3a40f63bbe7ac9aa33a1..7ce0709a07df811aa886a8017ec198e33efd8e55 100644 (file)
--- a/src/network_inspectors/rna/rna_inspector.h
+++ b/src/network_inspectors/rna/rna_inspector.h
@@ -49,6 +49,7 @@ public:
     void tterm() override;
 
     snort::TcpFpProcessor* get_or_create_fp_processor();
+    void set_fp_processor(snort::TcpFpProcessor* tfp);
 
 private:
     void load_rna_conf();

diff --git a/src/network_inspectors/rna/rna_module.cc b/src/network_inspectors/rna/rna_module.cc
index 9ca7f840c6c78588770d5aa2dfc06efcc9000ada..a04703998093ce196f32e8fed02c35381a6150da 100644 (file)
--- a/src/network_inspectors/rna/rna_module.cc
+++ b/src/network_inspectors/rna/rna_module.cc
@@ -33,10 +33,7 @@
 #include "log/messages.h"
 #include "lua/lua.h"
 #include "main/snort_config.h"
-#include "main/swapper.h"
-#include "managers/inspector_manager.h"
 #include "managers/module_manager.h"
-#include "src/main.h"
 #include "utils/util.h"
 
 #include "rna_fingerprint_tcp.h"
@@ -62,37 +59,6 @@ static int dump_mac_cache(lua_State* L)
     return 0;
 }
 
-static int reload_fingerprint(lua_State*)
-{
-    // This should be initialized from lua parameter when the rest of this command is implemented
-    bool from_shell = false;
-
-    Request& current_request = get_current_request();
-
-    if (Swapper::get_reload_in_progress())
-    {
-        current_request.respond("== reload pending; retry\n", from_shell);
-        return 0;
-    }
-
-    if (!InspectorManager::get_inspector(RNA_NAME))
-    {
-        current_request.respond("== reload fingerprint failed - rna not enabled\n", from_shell);
-        return 0;
-    }
-
-    // Check here if rna utility library and fingerprint database are present; fail if absent
-
-    Swapper::set_reload_in_progress(true);
-    current_request.respond(".. reloading fingerprint\n", from_shell);
-
-    // Reinitialize here fingerprint database; broadcast command if it is in thread local context
-
-    current_request.respond("== reload fingerprint complete\n", from_shell);
-    Swapper::set_reload_in_progress(false);
-    return 0;
-}
-
 static inline string format_dump_mac(const uint8_t mac[MAC_SIZE])
 {
     stringstream ss;
@@ -110,8 +76,6 @@ static inline string format_dump_mac(const uint8_t mac[MAC_SIZE])
 
 static const Command rna_cmds[] =
 {
-    { "reload_fingerprint", reload_fingerprint, nullptr,
-      "reload rna database of fingerprint patterns/signatures" },
     { "dump_macs", dump_mac_cache, nullptr,
       "dump rna's internal MAC trackers" },
     { nullptr, nullptr, nullptr, nullptr }

diff --git a/src/network_inspectors/rna/test/rna_module_mock.h b/src/network_inspectors/rna/test/rna_module_mock.h
index 02ae13a7b20431720221e0c695abfdc311b22ca0..b983ee230f5d3b8cf31338c1ddcdc12db4d900b2 100644 (file)
--- a/src/network_inspectors/rna/test/rna_module_mock.h
+++ b/src/network_inspectors/rna/test/rna_module_mock.h
@@ -23,21 +23,13 @@
 
 #include "../rna_mac_cache.cc"
 
-bool Swapper::reload_in_progress = false;
 THREAD_LOCAL RnaStats rna_stats;
 THREAD_LOCAL ProfileStats rna_perf_stats;
-static Request mock_request;
 
 const char* luaL_optlstring(lua_State*, int, const char*, size_t*) { return nullptr; }
 
-Request& get_current_request()
-{ return mock_request; }
-
 namespace snort
 {
-Inspector* InspectorManager::get_inspector(const char*, bool, const SnortConfig*)
-{ return nullptr; }
-
 Module* ModuleManager::get_module(const char*)
 { return nullptr; }
 

diff --git a/src/network_inspectors/rna/test/rna_module_test.cc b/src/network_inspectors/rna/test/rna_module_test.cc
index 231ef880f9f087d9c00e7e6b7f90f34c2eaa5cdb..ffced25227a349fd5a18e54c4a1b3e842969b9d4 100644 (file)
--- a/src/network_inspectors/rna/test/rna_module_test.cc
+++ b/src/network_inspectors/rna/test/rna_module_test.cc
@@ -36,35 +36,10 @@
 #include <CppUTest/TestHarness.h>
 #include <CppUTestExt/MockSupport.h>
 
-void Request::respond(const char* msg, bool, bool)
-{
-    mock().actualCall("respond").onObject(this).withParameter("msg", msg);
-}
-
 TEST_GROUP(rna_module_test)
 {
 };
 
-TEST(rna_module_test, reload_fingerprint)
-{
-    // When another reload is pending
-    mock().expectOneCall("respond").onObject(&mock_request).withParameter("msg", "== reload pending; retry\n");
-    Swapper::set_reload_in_progress(true);
-    reload_fingerprint(nullptr);
-    Swapper::set_reload_in_progress(false);
-    mock().checkExpectations();
-
-    // When rna is not configured
-    mock().expectOneCall("respond").onObject(&mock_request).withParameter("msg", "== reload fingerprint failed - rna not enabled\n");
-    reload_fingerprint(nullptr);
-    mock().checkExpectations();
-
-    // Reload in progress flag should remain unset at the end
-    CHECK_FALSE(Swapper::get_reload_in_progress());
-
-    mock().clear();
-}
-
 TEST(rna_module_test, push_tcp_fingerprints)
 {
     // In plain English, we test that the RNA module pushes tcp fingerprints