Merge pull request #1877 in SNORT/snort3 from ~RUCOMBS/snort3:reincluder to master
authorRuss Combs (rucombs) <rucombs@cisco.com>
Tue, 10 Dec 2019 13:42:11 +0000 (13:42 +0000)
committerRuss Combs (rucombs) <rucombs@cisco.com>
Tue, 10 Dec 2019 13:42:11 +0000 (13:42 +0000)
Squashed commit of the following:

commit 7499236c7f9a0d79228c56d96099acf939626daf
Author: russ <rucombs@cisco.com>
Date:   Wed Dec 4 17:43:52 2019 -0500

    ips: do not use includer for any rules file includes

commit 2ce77f3186a19a723f97d9fbc34bc28bc3cd8053
Author: russ <rucombs@cisco.com>
Date:   Wed Dec 4 13:40:56 2019 -0500

    ips: fix --show-file-codes for inclusion from -c file

src/managers/module_manager.cc
src/parser/parse_conf.cc
src/parser/parse_conf.h
src/parser/parse_rule.cc
src/parser/parser.cc
src/ports/rule_port_tables.cc

index 16e0627340648b59eeb218e5fbfd90cdfb31ebde..73337d8858c8eb63a357397359591fde14a290e3 100644 (file)
@@ -1342,7 +1342,7 @@ void ModuleManager::load_rules(SnortConfig* sc)
 
             // note:  you can NOT do ss.str().c_str() here
             const string& rule = ss.str();
-            ParseConfigString(sc, rule.c_str());
+            parse_rules_string(sc, rule.c_str());
 
             r++;
         }
index 2fcdb49f58ac21ec2ac2ad2d7c32c8e8da400f74..9c54f609ed360529cd982ab81b2013ce170f8f3a 100644 (file)
@@ -59,6 +59,7 @@ struct Location
 };
 
 static std::stack<Location> files;
+static int rules_file_depth = 0;
 
 const char* get_parse_file()
 {
@@ -186,7 +187,7 @@ void parse_include(SnortConfig* sc, const char* arg)
 {
     assert(arg);
     arg = ExpandVars(sc, arg);
-    std::string file = get_ips_policy()->includer;
+    std::string file = !rules_file_depth ? get_ips_policy()->includer : get_parse_file();
 
     const char* code = get_config_file(arg, file);
 
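Review bot: On the added line in parse_include, the `const char*` returned by `get_parse_file()` is converted straight to `std::string`; if that function can ever return null (its body is outside this hunk), the construction is undefined behaviour, so a guard or an assert before the conversion would be safer. The nested branch also changes which location a relative `include` is resolved against, and nothing on the line says so; a short comment such as `// nested includes resolve relative to the including rules file, not the policy includer` would record the intent. parse_include continues in the next hunk.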
@@ -196,7 +197,7 @@ void parse_include(SnortConfig* sc, const char* arg)
         return;
     }
     push_parse_location(code, file.c_str(), arg);
-    ParseConfigFile(sc, file.c_str());
+    parse_rules_file(sc, file.c_str());
     pop_parse_location();
 }
 
@@ -327,7 +328,7 @@ ListHead* get_rule_list(SnortConfig* sc, const char* s)
     return p ? p->RuleList : nullptr;
 }
 
-void ParseConfigFile(SnortConfig* sc, const char* fname)
+void parse_rules_file(SnortConfig* sc, const char* fname)
 {
     if ( !fname )
         return;
@@ -340,10 +341,12 @@ void ParseConfigFile(SnortConfig* sc, const char* fname)
             fname, get_error(errno));
         return;
     }
+    ++rules_file_depth;
     parse_stream(fs, sc);
+    --rules_file_depth;
 }
 
-void ParseConfigString(SnortConfig* sc, const char* s)
+void parse_rules_string(SnortConfig* sc, const char* s)
 {
     std::string rules = s;
     std::stringstream ss(rules);
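Review bot: Nothing bounds `rules_file_depth` in parse_rules_file, so a rules file that includes itself, directly or through a chain, would presumably recurse through parse_stream and parse_include until the stack or the descriptor table is exhausted. Rules files are often taken from external feeds, so a depth cap that fails with a parse error is worth adding at this point. The bare `++`/`--` pair also leaves the counter raised if parse_stream can exit by exception, after which a top-level include would resolve against the wrong base; a small scope guard avoids that. The function's signature and open/error path lie outside this hunk, and `max_rules_file_depth` below is a proposed new constant with a placeholder value.

```cpp
// proposed: file-scope cap declared next to rules_file_depth
static constexpr int max_rules_file_depth = 16;  // placeholder value

    // … unchanged: null fname check, open fs, report open failure …
    if ( rules_file_depth >= max_rules_file_depth )
    {
        ParseError("include nesting too deep at %s", fname);
        return;
    }
    struct DepthGuard
    {
        DepthGuard() { ++rules_file_depth; }
        ~DepthGuard() { --rules_file_depth; }
    } guard;
    parse_stream(fs, sc);
}
```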
index 8caa9698795396b42a46c68fe16f999e8a2ee591..0a404d4e4730c4c85e2d6b755cafc496c26815c6 100644 (file)
@@ -38,8 +38,8 @@ const char* get_parse_file();
 // file may hold original parse path on entry
 const char* get_config_file(const char* arg, std::string& file);
 
-void ParseConfigFile(snort::SnortConfig*, const char* fname);
-void ParseConfigString(snort::SnortConfig*, const char* str);
+void parse_rules_file(snort::SnortConfig*, const char* fname);
+void parse_rules_string(snort::SnortConfig*, const char* str);
 
 void ParseIpVar(snort::SnortConfig*, const char* name, const char* s);
 void parse_include(snort::SnortConfig*, const char*);
index 35f0113abb2cd65a0e2db84f358201400511abdc..2cbfc37a7d767c52d4456df00c203dbde3fe9468 100644 (file)
@@ -1206,7 +1206,7 @@ void parse_rule_close(SnortConfig* sc, RuleTreeNode& rtn, OptTreeNode* otn)
         else
         {
             entered = true;
-            ParseConfigString(sc, rule);
+            parse_rules_string(sc, rule);
         }
         OtnFree(otn);
         return;
index c5b06f85e14f0bd96ca0402f00fa93d199e49733..0efa08a428227bdf45a8eb617f7b55ab010ef1b4 100644 (file)
@@ -189,7 +189,7 @@ static void OtnInit(SnortConfig* sc)
     /* Init sid-gid -> otn map */
     sc->otn_map = OtnLookupNew();
     if (sc->otn_map == nullptr)
-        ParseAbort("ParseRulesFile otn_map ghash_new failed.");
+        ParseAbort("otn_map ghash_new failed.");
 }
 
 static RuleListNode* addNodeToOrderedList(RuleListNode* ordered_list,
@@ -352,28 +352,27 @@ void ParseRules(SnortConfig* sc)
         if ( p->enable_builtin_rules )
             ModuleManager::load_rules(sc);
 
-        const char* fname = p->include.c_str();
-        std::string file = p->includer;
-
-        if ( fname && *fname )
+        if ( !p->include.empty() )
         {
-            const char* code = get_config_file(fname, file);
-            push_parse_location(code, file.c_str(), fname);
-            ParseConfigFile(sc, file.c_str());
+            std::string path = p->includer;
+            const char* file = p->include.c_str();
+            const char* code = get_config_file(file, path);
+            push_parse_location(code, path.c_str(), file);
+            parse_rules_file(sc, path.c_str());
             pop_parse_location();
         }
 
         if ( !p->rules.empty() )
         {
-            push_parse_location("C", file.c_str(), "ips.rules");
-            ParseConfigString(sc, p->rules.c_str());
+            push_parse_location("C", p->includer.c_str(), "ips.rules");
+            parse_rules_string(sc, p->rules.c_str());
             pop_parse_location();
         }
 
         if ( !p->states.empty() )
         {
-            push_parse_location("C", file.c_str(), "ips.states");
-            ParseConfigString(sc, p->states.c_str());
+            push_parse_location("C", p->includer.c_str(), "ips.states");
+            parse_rules_string(sc, p->states.c_str());
             pop_parse_location();
         }
 
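Review bot: In the `p->include` branch the pointer returned by `get_config_file(file, path)` is handed to `push_parse_location` unchecked, while parse_include appears to return early when the lookup fails. If the function can return null for an unresolvable path, the same guard belongs here, e.g. `if ( !code ) ParseError("can't find %s", file);` with the push/parse/pop sequence in the else branch. Separately, `file` here names the include argument and `path` the resolved location, the reverse of parse_include where `file` is the resolved path; aligning the names would make the two call sites easier to compare. ParseRules starts and ends outside this hunk.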
@@ -381,7 +380,7 @@ void ParseRules(SnortConfig* sc)
         {
             p->includer.clear();
             push_parse_location("W", "./", "rule args");
-            ParseConfigString(sc, s_aux_rules.c_str());
+            parse_rules_string(sc, s_aux_rules.c_str());
             pop_parse_location();
         }
 
index c276e4a22c5299f36e1d7c829b7d1316e6c1163d..d9311324ca5bc4e3aaa58040840f92b0a136cef5 100644 (file)
@@ -72,7 +72,7 @@ RulePortTables* PortTablesNew()
     RulePortTables* rpt = new RulePortTables;
 
     if ( !(rpt->svc_any = PortObjectNew()) )
-        ParseAbort("ParseRulesFile udp any-any PortObjectNew() failed");
+        ParseAbort("udp any-any PortObjectNew() failed");
 
     PortObjectAddPortAny(rpt->svc_any);