From: Victor Julien Date: Tue, 14 Apr 2020 12:21:31 +0000 (+0200) Subject: datasets: add 'dataset-remove' unix command X-Git-Tag: suricata-6.0.0-beta1~493 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7a6269798ba309deedc7110c5cc8bb763bd89926;p=thirdparty%2Fsuricata.git datasets: add 'dataset-remove' unix command
---
diff --git a/python/suricata/sc/specs.py b/python/suricata/sc/specs.py
index 269434d826..9b42074169 100644
--- a/python/suricata/sc/specs.py
+++ b/python/suricata/sc/specs.py
@@ -180,4 +180,18 @@ argsd = {
 "required": 1,
 },
 ],
+ "dataset-remove": [
+ {
+ "name": "setname",
+ "required": 1,
+ },
+ {
+ "name": "settype",
+ "required": 1,
+ },
+ {
+ "name": "datavalue",
+ "required": 1,
+ },
+ ],
 }
diff --git a/python/suricata/sc/suricatasc.py b/python/suricata/sc/suricatasc.py
index 8381aa7dda..b5a8f4a346 100644
--- a/python/suricata/sc/suricatasc.py
+++ b/python/suricata/sc/suricatasc.py
@@ -106,6 +106,7 @@ class SuricataSC:
 "memcap-set",
 "memcap-show",
 "dataset-add",
+ "dataset-remove",
 ]
 self.cmd_list = self.basic_commands + self.fn_commands
 self.sck_path = sck_path
diff --git a/src/runmode-unix-socket.c b/src/runmode-unix-socket.c
index 355d1305f4..656ebc1474 100644
--- a/src/runmode-unix-socket.c
+++ b/src/runmode-unix-socket.c
@@ -691,6 +691,59 @@ TmEcode UnixSocketDatasetAdd(json_t *cmd, json_t* answer, void *data)
 }
 }
+TmEcode UnixSocketDatasetRemove(json_t *cmd, json_t* answer, void *data)
+{
+ /* 1 get dataset name */
+ json_t *narg = json_object_get(cmd, "setname");
+ if (!json_is_string(narg)) {
+ json_object_set_new(answer, "message", json_string("setname is not a string"));
+ return TM_ECODE_FAILED;
+ }
+ const char *set_name = json_string_value(narg);
+
+ /* 2 get the data type */
+ json_t *targ = json_object_get(cmd, "settype");
+ if (!json_is_string(targ)) {
+ json_object_set_new(answer, "message", json_string("settype is not a string"));
+ return TM_ECODE_FAILED;
+ }
+ const char *type = json_string_value(targ);
+
+ /* 3 get value */
+ json_t *varg = json_object_get(cmd, "datavalue");
+ if (!json_is_string(varg)) {
+ json_object_set_new(answer, "message", json_string("datavalue is not string"));
+ return TM_ECODE_FAILED;
+ }
+ const char *value = json_string_value(varg);
+
+ SCLogDebug("dataset-remove: %s type %s value %s", set_name, type, value);
+
+ enum DatasetTypes t = DatasetGetTypeFromString(type);
+ if (t == DATASET_TYPE_NOTSET) {
+ json_object_set_new(answer, "message", json_string("unknown settype"));
+ return TM_ECODE_FAILED;
+ }
+
+ Dataset *set = DatasetFind(set_name, t);
+ if (set == NULL) {
+ json_object_set_new(answer, "message", json_string("set not found or wrong type"));
+ return TM_ECODE_FAILED;
+ }
+
+ int r = DatasetRemoveSerialized(set, value);
+ if (r == 1) {
+ json_object_set_new(answer, "message", json_string("data removed"));
+ return TM_ECODE_OK;
+ } else if (r == 0) {
+ json_object_set_new(answer, "message", json_string("data is busy, try again"));
+ return TM_ECODE_OK;
+ } else {
+ json_object_set_new(answer, "message", json_string("failed to remove data"));
+ return TM_ECODE_FAILED;
+ }
+}
+
 /**
 * \brief Command to add a tenant handler
 *
diff --git a/src/runmode-unix-socket.h b/src/runmode-unix-socket.h
index 630246996c..fc8ff8a3c8 100644
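Review bot: The `r == 0` branch of UnixSocketDatasetRemove sets the message "data is busy, try again" but returns `TM_ECODE_OK`, so a client that keys on the command's status rather than the message text cannot tell an entry that is still in the set from one that was removed. If the set backs a block or allow list, the entry keeps matching while the operator's tooling records a successful removal; I would `return TM_ECODE_FAILED;` in that branch, or, if OK is deliberate, say so with a comment such as `/* not removed: data busy, caller must retry */`. Separately, the only trace of the request is the `SCLogDebug` line, which presumably emits nothing at default log levels, so a change to detection data made over the socket leaves no audit record. A line on the `r == 1` path such as `SCLogNotice("dataset-remove: %s type %s value %s", set_name, type, value);` would record when an entry was taken out.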
--- a/src/runmode-unix-socket.h
+++ b/src/runmode-unix-socket.h
@@ -32,6 +32,7 @@ TmEcode UnixSocketPcapFile(TmEcode tm, struct timespec *last_processed);
 #ifdef BUILD_UNIX_SOCKET
 TmEcode UnixSocketDatasetAdd(json_t *cmd, json_t* answer, void *data);
+TmEcode UnixSocketDatasetRemove(json_t *cmd, json_t* answer, void *data);
 TmEcode UnixSocketRegisterTenantHandler(json_t *cmd, json_t* answer, void *data);
 TmEcode UnixSocketUnregisterTenantHandler(json_t *cmd, json_t* answer, void *data);
 TmEcode UnixSocketRegisterTenant(json_t *cmd, json_t* answer, void *data);
diff --git a/src/unix-manager.c b/src/unix-manager.c
index 6de2ecd142..bfa394b7a6 100644
--- a/src/unix-manager.c
+++ b/src/unix-manager.c
@@ -1083,6 +1083,7 @@ int UnixManagerInit(void)
 UnixManagerRegisterCommand("memcap-list", UnixSocketShowAllMemcap, NULL, 0);
 UnixManagerRegisterCommand("dataset-add", UnixSocketDatasetAdd, &command, UNIX_CMD_TAKE_ARGS);
+ UnixManagerRegisterCommand("dataset-remove", UnixSocketDatasetRemove, &command, UNIX_CMD_TAKE_ARGS);
 return 0;
 }