If new ruleset requires any htp callbacks that aren't already set, don't load new...

diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c
index d44a9f22e0d9ebc2d47b698d1aea6845ec973bad..f5fdd76b596f4e711a2df56ec114fd07bdcb5d06 100644 (file)
--- a/src/app-layer-htp.c
+++ b/src/app-layer-htp.c
@@ -96,14 +96,14 @@ static uint64_t htp_state_memcnt = 0;
 #endif
 
 /** part of the engine needs the request body (e.g. http_client_body keyword) */
-static uint8_t need_htp_request_body = 0;
+uint8_t need_htp_request_body = 0;
 /** part of the engine needs the request body multipart header (e.g. filename
  *  and / or fileext keywords) */
-static uint8_t need_htp_request_multipart_hdr = 0;
+uint8_t need_htp_request_multipart_hdr = 0;
 /** part of the engine needs the request file (e.g. log-file module) */
-static uint8_t need_htp_request_file = 0;
+uint8_t need_htp_request_file = 0;
 /** part of the engine needs the request body (e.g. file_data keyword) */
-static uint8_t need_htp_response_body = 0;
+uint8_t need_htp_response_body = 0;
 
 SCEnumCharMap http_decoder_event_table[ ] = {
     { "UNKNOWN_ERROR",

diff --git a/src/app-layer-htp.h b/src/app-layer-htp.h
index 2579b9229abd4c0fa4694de5f97c62020c82d149..24f3d4d631c8e9a3a11eb04a1668d66749dc6c67 100644 (file)
--- a/src/app-layer-htp.h
+++ b/src/app-layer-htp.h
@@ -202,6 +202,16 @@ typedef struct HtpState_ {
     FileContainer *files_tc;
 } HtpState;
 
+/** part of the engine needs the request body (e.g. http_client_body keyword) */
+extern uint8_t need_htp_request_body;
+/** part of the engine needs the request body multipart header (e.g. filename
+ *  and / or fileext keywords) */
+extern uint8_t need_htp_request_multipart_hdr;
+/** part of the engine needs the request file (e.g. log-file module) */
+extern uint8_t need_htp_request_file;
+/** part of the engine needs the request body (e.g. file_data keyword) */
+extern uint8_t need_htp_response_body;
+
 void RegisterHTPParsers(void);
 void HTPParserRegisterTests(void);
 void HTPAtExitPrintStats(void);

diff --git a/src/detect-engine.c b/src/detect-engine.c
index 06ae57932368dbc75d22c37db7f3efe420ca4e00..3099b17b7e272d6b289dead786d5c5ccfee10a8f 100644 (file)
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@@ -29,6 +29,8 @@
 #include "conf.h"
 #include "conf-yaml-loader.h"
 
+#include "app-layer-htp.h"
+
 #include "detect-parse.h"
 #include "detect-engine-sigorder.h"
 
@@ -126,14 +128,33 @@ static void *DetectEngineLiveRuleSwap(void *arg)
     //if (MagicInit() != 0)
     //    exit(EXIT_FAILURE);
 
+    uint8_t local_need_htp_request_body = need_htp_request_body;
+    uint8_t local_need_htp_request_multipart_hdr = need_htp_request_multipart_hdr;
+    uint8_t local_need_htp_request_file = need_htp_request_file;
+    uint8_t local_need_htp_response_body = need_htp_response_body;
+
     if (SigLoadSignatures(de_ctx, NULL, FALSE) < 0) {
         SCLogError(SC_ERR_NO_RULES_LOADED, "Loading signatures failed.");
         if (de_ctx->failure_fatal)
             exit(EXIT_FAILURE);
     }
 
-    SCThresholdConfInitContext(de_ctx, NULL);
+    if (local_need_htp_request_body != need_htp_request_body ||
+        local_need_htp_request_multipart_hdr != need_htp_request_multipart_hdr ||
+        local_need_htp_request_file != need_htp_request_file ||
+        local_need_htp_response_body != need_htp_response_body) {
+        SCLogInfo("===== New ruleset requires enabling htp features that "
+                  "can't be enabled at runtime.  You will have to restart "
+                  "engine to load the new ruleset =====");
+        DetectEngineCtxFree(de_ctx);
+        SignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2);
 
+        TmThreadsSetFlag(tv_local, THV_CLOSED);
+
+        pthread_exit(NULL);
+    }
+
+    SCThresholdConfInitContext(de_ctx, NULL);
 
     /* start the process of swapping detect threads ctxs */