From: Shravan Rangarajuvenkata (shrarang) Date: Mon, 11 Jan 2021 21:19:32 +0000 (+0000) Subject: Merge pull request #2688 in SNORT/snort3 from ~SATHIRKA/snort3:navl_conn_destroy_core... X-Git-Tag: 3.1.0.0~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7d9cd8b5db052815a0ea723d2b75de3621f2d2c2;p=thirdparty%2Fsnort3.git Merge pull request #2688 in SNORT/snort3 from ~SATHIRKA/snort3:navl_conn_destroy_core to master Squashed commit of the following: commit 8f96caf9be67da55952502cee1e0822a72ec64c9 Author: Sreeja Athirkandathil Narayanan Date: Wed Jan 6 10:40:59 2021 -0500 appid: tear down third-party when appid gets disabled --- diff --git a/src/network_inspectors/appid/appid_inspector.cc b/src/network_inspectors/appid/appid_inspector.cc index 238a45bb0..5727db7bc 100644 --- a/src/network_inspectors/appid/appid_inspector.cc +++ b/src/network_inspectors/appid/appid_inspector.cc @@ -28,6 +28,7 @@ #include #include "flow/flow.h" +#include "main/analyzer_command.h" #include "managers/inspector_manager.h" #include "managers/module_manager.h" #include "packet_tracer/packet_tracer.h" @@ -178,6 +179,11 @@ void AppIdInspector::tterm() AppIdHAManager::tterm(); } +void AppIdInspector::tear_down(SnortConfig*) +{ + main_broadcast_command(new ACThirdPartyAppIdCleanup(), true); +} + void AppIdInspector::eval(Packet* p) { Profile profile(appid_perf_stats); diff --git a/src/network_inspectors/appid/appid_inspector.h b/src/network_inspectors/appid/appid_inspector.h index 0f9d327b6..dc0e373ba 100644 --- a/src/network_inspectors/appid/appid_inspector.h +++ b/src/network_inspectors/appid/appid_inspector.h @@ -45,6 +45,7 @@ public: void show(const snort::SnortConfig*) const override; void tinit() override; void tterm() override; + void tear_down(snort::SnortConfig*) override; void eval(snort::Packet*) override; AppIdContext& get_ctxt() const; diff --git a/src/network_inspectors/appid/appid_module.cc b/src/network_inspectors/appid/appid_module.cc index ee7cd5062..4ce78cd0e 100644 --- a/src/network_inspectors/appid/appid_module.cc +++ b/src/network_inspectors/appid/appid_module.cc @@ -127,6 +127,18 @@ bool AcAppIdDebug::execute(Analyzer&, void**) return true; } +bool ACThirdPartyAppIdCleanup::execute(Analyzer& a, void**) +{ + if (!pkt_thread_tp_appid_ctxt) + return true; + bool tear_down_in_progress; + if (a.is_idling()) + tear_down_in_progress = pkt_thread_tp_appid_ctxt->tfini(true); + else + tear_down_in_progress = pkt_thread_tp_appid_ctxt->tfini(); + return !tear_down_in_progress; +} + class ACThirdPartyAppIdContextSwap : public AnalyzerCommand { public: @@ -182,9 +194,9 @@ bool ACThirdPartyAppIdContextUnload::execute(Analyzer& ac, void**) ThirdPartyAppIdContext::set_tp_reload_in_progress(true); bool reload_in_progress; if (ac.is_idling()) - reload_in_progress = pkt_thread_tp_appid_ctxt->tfini(true, true); - else reload_in_progress = pkt_thread_tp_appid_ctxt->tfini(true); + else + reload_in_progress = pkt_thread_tp_appid_ctxt->tfini(); if (reload_in_progress) return false; pkt_thread_tp_appid_ctxt = nullptr; diff --git a/src/network_inspectors/appid/appid_module.h b/src/network_inspectors/appid/appid_module.h index df3afa24b..68a6c363a 100644 --- a/src/network_inspectors/appid/appid_module.h +++ b/src/network_inspectors/appid/appid_module.h @@ -26,6 +26,8 @@ #include #include "framework/module.h" +#include "main/analyzer.h" +#include "main/analyzer_command.h" #include "main/snort_config.h" #include "appid_config.h" @@ -98,4 +100,11 @@ private: AppIdConfig* config; }; +class ACThirdPartyAppIdCleanup : public snort::AnalyzerCommand +{ +public: + bool execute(Analyzer&, void**) override; + const char* stringify() override { return "THIRD_PARTY_APPID_CLEANUP"; } +}; + #endif diff --git a/src/network_inspectors/appid/test/appid_discovery_test.cc b/src/network_inspectors/appid/test/appid_discovery_test.cc index 919cbff5b..eff65cbf2 100644 --- a/src/network_inspectors/appid/test/appid_discovery_test.cc +++ b/src/network_inspectors/appid/test/appid_discovery_test.cc @@ -177,6 +177,7 @@ bool AppIdInspector::configure(SnortConfig*) { return true; } void AppIdInspector::show(const SnortConfig*) const { } void AppIdInspector::tinit() { } void AppIdInspector::tterm() { } +void AppIdInspector::tear_down(SnortConfig*) { } AppIdContext& AppIdInspector::get_ctxt() const { assert(ctxt); diff --git a/src/network_inspectors/appid/test/appid_mock_inspector.h b/src/network_inspectors/appid/test/appid_mock_inspector.h index e3213948b..328ccb598 100644 --- a/src/network_inspectors/appid/test/appid_mock_inspector.h +++ b/src/network_inspectors/appid/test/appid_mock_inspector.h @@ -66,6 +66,7 @@ bool AppIdInspector::configure(snort::SnortConfig*) { return true; } void AppIdInspector::show(const SnortConfig*) const { } void AppIdInspector::tinit() { } void AppIdInspector::tterm() { } +void AppIdInspector::tear_down(snort::SnortConfig*) { } AppIdContext& AppIdInspector::get_ctxt() const { return *ctxt; } AppIdModule appid_mod; diff --git a/src/network_inspectors/appid/test/tp_mock.cc b/src/network_inspectors/appid/test/tp_mock.cc index d3c783017..2519b111a 100644 --- a/src/network_inspectors/appid/test/tp_mock.cc +++ b/src/network_inspectors/appid/test/tp_mock.cc @@ -56,7 +56,7 @@ public: } int tinit() override { return 0; } - bool tfini(bool, bool) override { return false; } + bool tfini(bool) override { return false; } const string& get_user_config() const override { return user_config; } private: diff --git a/src/network_inspectors/appid/tp_appid_module_api.h b/src/network_inspectors/appid/tp_appid_module_api.h index 4cab3143a..af7cbe85f 100644 --- a/src/network_inspectors/appid/tp_appid_module_api.h +++ b/src/network_inspectors/appid/tp_appid_module_api.h @@ -60,7 +60,7 @@ public: const std::string& module_name() const { return name; } virtual int tinit() = 0; - virtual bool tfini(bool reload = false, bool is_idling = false) = 0; + virtual bool tfini(bool is_idling = false) = 0; virtual const ThirdPartyConfig& get_config() const { return cfg; }