From: Masud Hasan (mashasan) Date: Tue, 8 Sep 2020 14:19:39 +0000 (+0000) Subject: Merge pull request #2446 in SNORT/snort3 from ~MASHASAN/snort3:fp_reload to master X-Git-Tag: 3.0.2-6~15 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6e7c0744d816eab401c7c80331ad52db611b353c;p=thirdparty%2Fsnort3.git Merge pull request #2446 in SNORT/snort3 from ~MASHASAN/snort3:fp_reload to master Squashed commit of the following: commit 6971b4c9c09c425532ccf946106d911f16b50d56 Author: Masud Hasan Date: Mon Aug 31 17:01:52 2020 -0400 rna: Removing unused command and exporting swapper --- diff --git a/src/main/CMakeLists.txt b/src/main/CMakeLists.txt index 502e5710d..5e23a2708 100644 --- a/src/main/CMakeLists.txt +++ b/src/main/CMakeLists.txt @@ -6,6 +6,7 @@ set (INCLUDES snort_config.h snort_debug.h snort_types.h + swapper.h thread.h thread_config.h ) @@ -39,7 +40,6 @@ add_library (main OBJECT snort_module.h snort_module.cc swapper.cc - swapper.h thread.cc thread_config.h thread_config.cc diff --git a/src/main/swapper.h b/src/main/swapper.h index beca13f9d..4defaaf8e 100644 --- a/src/main/swapper.h +++ b/src/main/swapper.h @@ -22,6 +22,8 @@ // used to make thread local, pointer-based config swaps by packet threads +#include "main/snort_types.h" + namespace snort { struct SnortConfig; @@ -29,7 +31,7 @@ struct SnortConfig; class Analyzer; -class Swapper +class SO_PUBLIC Swapper { public: Swapper(snort::SnortConfig*); diff --git a/src/network_inspectors/rna/rna_fingerprint_tcp.h b/src/network_inspectors/rna/rna_fingerprint_tcp.h index 4331c0036..a6e8877c3 100644 --- a/src/network_inspectors/rna/rna_fingerprint_tcp.h +++ b/src/network_inspectors/rna/rna_fingerprint_tcp.h @@ -123,7 +123,7 @@ private: } snort::TcpFpProcessor* get_tcp_fp_processor(); -void set_tcp_fp_processor(snort::TcpFpProcessor*); +SO_PUBLIC void set_tcp_fp_processor(snort::TcpFpProcessor*); struct FpFingerprintState { 
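Review bot: Marking the whole class `SO_PUBLIC` in src/main/swapper.h exports every member of Swapper to shared objects, including the static `set_reload_in_progress()` that the removed `reload_fingerprint` command called, so any loaded plugin can now flip the shared reload flag. If only a few entry points are needed outside the core, exporting those members individually would keep the surface smaller. Otherwise the header should state the contract, for example `// exported for plugin-driven reloads: every set_reload_in_progress(true) must be reset on all exit paths`. The class body lies outside this hunk, so which members are public is inferred from the calls visible elsewhere in this commit.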
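Review bot: The newly exported `set_tcp_fp_processor(snort::TcpFpProcessor*)` in rna_fingerprint_tcp.h takes a raw pointer with no statement of who owns it afterwards, while `get_tcp_fp_processor()` on the line above stays unexported. `RnaInspector::set_fp_processor` in this same commit deletes the processor it replaces, so an external caller needs to know whether this free function also takes ownership and when it may be called relative to packet threads reading the current processor. Its definition is not in this diff. A declaration comment along the lines of `// ownership: <callee takes | caller keeps>; threading: <when this may be called>`, filled in with the real contract, would make the exported API safe to use.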
diff --git a/src/network_inspectors/rna/rna_inspector.cc b/src/network_inspectors/rna/rna_inspector.cc index e70fc14f1..a12238243 100644 --- a/src/network_inspectors/rna/rna_inspector.cc +++ b/src/network_inspectors/rna/rna_inspector.cc @@ -200,6 +200,14 @@ TcpFpProcessor* RnaInspector::get_or_create_fp_processor() return nullptr; } +void RnaInspector::set_fp_processor(TcpFpProcessor* tfp) +{ + if ( mod_conf ) + { + delete mod_conf->processor; + mod_conf->processor = tfp; + } +} //------------------------------------------------------------------------- // api stuff diff --git a/src/network_inspectors/rna/rna_inspector.h b/src/network_inspectors/rna/rna_inspector.h index 44658593d..7ce0709a0 100644 --- a/src/network_inspectors/rna/rna_inspector.h +++ b/src/network_inspectors/rna/rna_inspector.h @@ -49,6 +49,7 @@ public: void tterm() override; snort::TcpFpProcessor* get_or_create_fp_processor(); + void set_fp_processor(snort::TcpFpProcessor* tfp); private: void load_rna_conf(); diff --git a/src/network_inspectors/rna/rna_module.cc b/src/network_inspectors/rna/rna_module.cc index 9ca7f840c..a04703998 100644 --- a/src/network_inspectors/rna/rna_module.cc +++ b/src/network_inspectors/rna/rna_module.cc @@ -33,10 +33,7 @@ #include "log/messages.h" #include "lua/lua.h" #include "main/snort_config.h" -#include "main/swapper.h" -#include "managers/inspector_manager.h" #include "managers/module_manager.h" -#include "src/main.h" #include "utils/util.h" #include "rna_fingerprint_tcp.h" 
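Review bot: `RnaInspector::set_fp_processor` deletes `mod_conf->processor` before storing `tfp` without checking that the two differ, so a caller that passes back the currently stored pointer (for instance one obtained earlier from `get_or_create_fp_processor()`, if that returns the stored processor) leaves `mod_conf->processor` dangling. Guarding the free with `if ( mod_conf->processor != tfp )` before `delete mod_conf->processor;` avoids that. When `mod_conf` is null the function returns without taking `tfp`, so a caller that assumes ownership was transferred leaks it; either delete `tfp` in that case or document on the declaration in rna_inspector.h that ownership moves only when a config exists. Nothing visible in this hunk shows that packet threads have stopped using the old processor before it is freed, which is worth confirming for a reload path.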
@@ -62,37 +59,6 @@ static int dump_mac_cache(lua_State* L) return 0; } -static int reload_fingerprint(lua_State*) -{ - // This should be initialized from lua parameter when the rest of this command is implemented - bool from_shell = false; - - Request& current_request = get_current_request(); - - if (Swapper::get_reload_in_progress()) - { - current_request.respond("== reload pending; retry\n", from_shell); - return 0; - } - - if (!InspectorManager::get_inspector(RNA_NAME)) - { - current_request.respond("== reload fingerprint failed - rna not enabled\n", from_shell); - return 0; - } - - // Check here if rna utility library and fingerprint database are present; fail if absent - - Swapper::set_reload_in_progress(true); - current_request.respond(".. reloading fingerprint\n", from_shell); - - // Reinitialize here fingerprint database; broadcast command if it is in thread local context - - current_request.respond("== reload fingerprint complete\n", from_shell); - Swapper::set_reload_in_progress(false); - return 0; -} - static inline string format_dump_mac(const uint8_t mac[MAC_SIZE]) { stringstream ss; @@ -110,8 +76,6 @@ static inline string format_dump_mac(const uint8_t mac[MAC_SIZE]) static const Command rna_cmds[] = { - { "reload_fingerprint", reload_fingerprint, nullptr, - "reload rna database of fingerprint patterns/signatures" }, { "dump_macs", dump_mac_cache, nullptr, "dump rna's internal MAC trackers" }, { nullptr, nullptr, nullptr, nullptr } diff --git a/src/network_inspectors/rna/test/rna_module_mock.h b/src/network_inspectors/rna/test/rna_module_mock.h index 02ae13a7b..b983ee230 100644 --- a/src/network_inspectors/rna/test/rna_module_mock.h +++ b/src/network_inspectors/rna/test/rna_module_mock.h 
@@ -23,21 +23,13 @@ #include "../rna_mac_cache.cc" -bool Swapper::reload_in_progress = false; THREAD_LOCAL RnaStats rna_stats; THREAD_LOCAL ProfileStats rna_perf_stats; -static Request mock_request; const char* luaL_optlstring(lua_State*, int, const char*, size_t*) { return nullptr; } -Request& get_current_request() -{ return mock_request; } - namespace snort { -Inspector* InspectorManager::get_inspector(const char*, bool, const SnortConfig*) -{ return nullptr; } - Module* ModuleManager::get_module(const char*) { return nullptr; } diff --git a/src/network_inspectors/rna/test/rna_module_test.cc b/src/network_inspectors/rna/test/rna_module_test.cc index 231ef880f..ffced2522 100644 --- a/src/network_inspectors/rna/test/rna_module_test.cc +++ b/src/network_inspectors/rna/test/rna_module_test.cc @@ -36,35 +36,10 @@ #include #include -void Request::respond(const char* msg, bool, bool) -{ - mock().actualCall("respond").onObject(this).withParameter("msg", msg); -} - TEST_GROUP(rna_module_test) { }; -TEST(rna_module_test, reload_fingerprint) -{ - // When another reload is pending - mock().expectOneCall("respond").onObject(&mock_request).withParameter("msg", "== reload pending; retry\n"); - Swapper::set_reload_in_progress(true); - reload_fingerprint(nullptr); - Swapper::set_reload_in_progress(false); - mock().checkExpectations(); - - // When rna is not configured - mock().expectOneCall("respond").onObject(&mock_request).withParameter("msg", "== reload fingerprint failed - rna not enabled\n"); - reload_fingerprint(nullptr); - mock().checkExpectations(); - - // Reload in progress flag should remain unset at the end - CHECK_FALSE(Swapper::get_reload_in_progress()); - - mock().clear(); -} - TEST(rna_module_test, push_tcp_fingerprints) { // In plain English, we test that the RNA module pushes tcp fingerprints