From: Steve Chew (stechew)
Date: Tue, 20 Jul 2021 20:18:36 +0000 (+0000)
Subject: Merge pull request #2975 in SNORT/snort3 from ~SBAIGAL/snort3:control_expire to master
X-Git-Tag: 3.1.9.0~11
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7c3727a1ea350c89f3a2a56a1ced48e914de2ecd;p=thirdparty%2Fsnort3.git
Merge pull request #2975 in SNORT/snort3 from ~SBAIGAL/snort3:control_expire to master
Squashed commit of the following:
commit 69747b5e417ef9603f71dc6bfab54c6885c8ee0d
Author: Steven Baigal (sbaigal)
Date: Fri Jul 9 19:02:34 2021 -0400
control: add idle expire removal to control channels
---
diff --git a/src/control/control.cc b/src/control/control.cc
index e706247c7..10190c57c 100644
--- a/src/control/control.cc
+++ b/src/control/control.cc
@@ -51,6 +51,7 @@ ControlConn* ControlConn::query_from_lua(const lua_State* L)
 ControlConn::ControlConn(int fd, bool local) : fd(fd), local(local)
 {
+ touch();
 shell = new Shell;
 configure();
 show_prompt();
@@ -114,7 +115,7 @@ int ControlConn::read_commands()
 }
 if (n == 0 && commands_found == 0) return -1;
-
+ touch();
 return commands_found;
 }
@@ -147,6 +148,16 @@ void ControlConn::remove()
 removed = true;
 }
+void ControlConn::touch()
+{
+ touched = time(nullptr);
+}
+
+time_t ControlConn::get_touched() const
+{
+ return touched;
+}
+
 void ControlConn::unblock()
 {
 if (blocked)
@@ -187,6 +198,7 @@ bool ControlConn::respond(const char* format, va_list& ap)
 else bytes_written += n;
 }
+ touch();
 return true;
 }
diff --git a/src/control/control.h b/src/control/control.h
index d96ce4080..63db6b636 100644
--- a/src/control/control.h
+++ b/src/control/control.h
@@ -51,6 +51,7 @@ public:
 bool is_closed() const { return (fd == -1); }
 bool is_removed() const { return removed; }
 bool has_pending_command() const { return !pending_commands.empty(); }
+ time_t get_touched() const;
 void configure() const;
 int read_commands();
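Review bot: In read_commands() the added `touch();` runs on every return that gets past the `n == 0 && commands_found == 0` check, so a peer whose bytes never complete a command still refreshes its idle timestamp and is never picked up by the expiry sweep. If "idle" is meant as "no command received", guard the call with `if (commands_found > 0) touch();`. The same question applies to the `touch();` added at the end of respond(): output that Snort itself pushes to the connection (for example through LogRespond) would also keep an otherwise silent client alive. The read loop and the start of both functions are outside these hunks, so this should be confirmed against the full bodies.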
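Review bot: touch() stores `time(nullptr)`, which is wall-clock time, so any clock step (NTP correction, manual change) distorts the idle interval that delete_expired_controls() later derives from it. A backward step postpones expiry, and a forward step of a minute or more makes every remote connection look expired at once. A monotonic source is the safer basis for an idle timer, for example keeping `std::chrono::steady_clock::now()` in `touched`; if `time_t` has to stay, document it on touch() with a comment such as `// wall-clock seconds, not monotonic`.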
@@ -64,6 +65,7 @@ public:
 private:
 bool respond(const char* format, va_list& ap);
 bool show_prompt();
+ void touch();
 private:
 std::queue pending_commands;
@@ -73,6 +75,7 @@ private:
 bool local = false;
 bool blocked = false;
 bool removed = false;
+ time_t touched;
 };
 #define LogRespond(cn, ...) if (cn) cn->respond(__VA_ARGS__); else LogMessage(__VA_ARGS__)
diff --git a/src/control/control_mgmt.cc b/src/control/control_mgmt.cc
index 76d1d6ee0..9ed179ad9 100644
--- a/src/control/control_mgmt.cc
+++ b/src/control/control_mgmt.cc
@@ -45,6 +45,7 @@ using namespace snort;
 static constexpr unsigned MAX_CONTROL_FDS = 16;
+static constexpr unsigned MAX_CONTROL_IDLE_TIME = 60;
 static int listener = -1;
 static socklen_t sock_addr_size = 0;
@@ -71,6 +72,8 @@ struct FdEvents{
 static int epoll_fd = -1;
 static unsigned nfds;
+static void delete_expired_controls();
+
 static bool init_controls()
 {
 epoll_fd = epoll_create1(0);
@@ -85,6 +88,9 @@ static bool init_controls()
 static bool register_control_fd(const int fd)
 {
+ if (nfds + 2 >= MAX_CONTROL_FDS)
+ delete_expired_controls();
+
 if (nfds == MAX_CONTROL_FDS)
 {
 WarningMessage("Failed to add file descriptor, exceed max (%d)\n", nfds);
@@ -368,6 +374,23 @@ static void clear_controls()
 controls.clear();
 }
+static void delete_expired_controls()
+{
+ int fds[MAX_CONTROL_FDS], n=0;
+ time_t curr_time = time(nullptr);
+ for (const auto& p : controls)
+ {
+ ControlConn* ctrlcon = p.second;
+ if (!ctrlcon->is_local() and (curr_time - ctrlcon->get_touched()) >= MAX_CONTROL_IDLE_TIME)
+ fds[n++] = p.first;
+ }
+ for(int i=0; i
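Review bot: `time_t touched;` is the only member in this group without a default initializer, and it is safe today only because the constructor calls touch() before anything reads it. Writing `time_t touched = 0;` matches `local`, `blocked` and `removed` and keeps a future constructor from leaving the expiry timestamp indeterminate. A comment such as `// time of last successful read or write, seconds since epoch` at the declaration would document what the idle sweep relies on. The class body starts outside this hunk, so whether control.h already includes `<ctime>` cannot be seen here.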
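Review bot: `MAX_CONTROL_IDLE_TIME` is declared `unsigned` but is compared with a `time_t` difference in delete_expired_controls(), which mixes signed and unsigned operands. On a platform where `time_t` is no wider than `unsigned`, a negative difference (clock stepped backwards since the last touch) converts to a large unsigned value and the connection is treated as expired. Declaring it as `static constexpr time_t MAX_CONTROL_IDLE_SECONDS = 60;` removes the conversion and puts the unit in the name. The limit is fixed at compile time, so a short comment on why 60 seconds was chosen would help operators who hit it.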
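Review bot: The sweep trigger `nfds + 2 >= MAX_CONTROL_FDS` in register_control_fd() carries an unexplained margin of 2, and idle remote connections are reaped only when a new descriptor is registered close to the limit. Add a comment that names what the two slots are reserved for, e.g. `// sweep idle remote connections before the table fills; 2 = <reserved slots>`. Because the sweep skips local connections and anything touched within MAX_CONTROL_IDLE_TIME, the "exceed max" branch below remains the real limit check and can still be reached after the sweep. The function body continues outside the hunk.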