From: Masud Hasan (mashasan) <mashasan@cisco.com>
Date: Tue, 23 Jun 2020 00:22:22 +0000 (+0000)
Subject: Merge pull request #2271 in SNORT/snort3 from ~MASHASAN/snort3:reload_fp to master
X-Git-Tag: 3.0.2-1~23
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ba4f660725fc983247780a5c6ef883e61016f4cb;p=thirdparty%2Fsnort3.git

Merge pull request #2271 in SNORT/snort3 from ~MASHASAN/snort3:reload_fp to master

Squashed commit of the following:

commit 7d07a6fe3f117abe2a208e3b700a55c8bb46e74e
Author: Masud Hasan <mashasan@cisco.com>
Date:   Wed Jun 17 12:31:53 2020 -0400

    rna: Adding initial support for reload_fingerprint command
---

diff --git a/src/network_inspectors/rna/CMakeLists.txt b/src/network_inspectors/rna/CMakeLists.txt
index 56b56b54d..5452bc8bb 100644
--- a/src/network_inspectors/rna/CMakeLists.txt
+++ b/src/network_inspectors/rna/CMakeLists.txt
@@ -28,4 +28,6 @@ add_library( rna OBJECT
 
 install(FILES ${RNA_INCLUDES}
     DESTINATION "${INCLUDE_INSTALL_PATH}/network_inspectors/rna"
-)
\ No newline at end of file
+)
+
+add_subdirectory(test)
diff --git a/src/network_inspectors/rna/rna_module.cc b/src/network_inspectors/rna/rna_module.cc
index 6d8852c1e..ed9c35cfe 100644
--- a/src/network_inspectors/rna/rna_module.cc
+++ b/src/network_inspectors/rna/rna_module.cc
@@ -28,6 +28,9 @@
 
 #include "log/messages.h"
 #include "main/snort_config.h"
+#include "main/swapper.h"
+#include "managers/inspector_manager.h"
+#include "src/main.h"
 
 #ifdef UNIT_TEST
 #include "catch/snort_catch.h"
@@ -36,13 +39,51 @@
 using namespace snort;
 
 //-------------------------------------------------------------------------
-// rna params and pegs
+// rna commands, params, and pegs
 //-------------------------------------------------------------------------
 
+static int reload_fingerprint(lua_State*)
+{
+    // This should be initialized from lua parameter when the rest of this command is implemented
+    bool from_shell = false;
+
+    Request& current_request = get_current_request();
+
+    if (Swapper::get_reload_in_progress())
+    {
+        current_request.respond("== reload pending; retry\n", from_shell);
+        return 0;
+    }
+
+    if (!InspectorManager::get_inspector(RNA_NAME))
+    {
+        current_request.respond("== reload fingerprint failed - rna not enabled\n", from_shell);
+        return 0;
+    }
+
+    // Check here if rna utility library and fingerprint database are present; fail if absent
+
+    Swapper::set_reload_in_progress(true);
+    current_request.respond(".. reloading fingerprint\n", from_shell);
+
+    // Reinitialize here fingerprint database; broadcast command if it is in thread local context
+
+    current_request.respond("== reload fingerprint complete\n", from_shell);
+    Swapper::set_reload_in_progress(false);
+    return 0;
+}
+
+static const Command rna_cmds[] =
+{
+    { "reload_fingerprint", reload_fingerprint, nullptr,
+      "reload rna database of fingerprint patterns/signatures" },
+    { nullptr, nullptr, nullptr, nullptr }
+};
+
 static const Parameter rna_params[] =
 {
     { "rna_conf_path", Parameter::PT_STRING, nullptr, nullptr,
-      "path to RNA configuration" },
+      "path to rna configuration" },
 
     { "rna_util_lib_path", Parameter::PT_STRING, nullptr, nullptr,
       "path to library for utilities such as fingerprint decoder" },
@@ -135,6 +176,11 @@ bool RnaModule::end(const char* fqn, int, SnortConfig* sc)
     return true;
 }
 
+const Command* RnaModule::get_commands() const
+{
+    return rna_cmds;
+}
+
 RnaModuleConfig* RnaModule::get_config()
 {
     RnaModuleConfig* tmp = mod_conf;
diff --git a/src/network_inspectors/rna/rna_module.h b/src/network_inspectors/rna/rna_module.h
index fa85672be..9fc20dd03 100644
--- a/src/network_inspectors/rna/rna_module.h
+++ b/src/network_inspectors/rna/rna_module.h
@@ -56,6 +56,8 @@ public:
     bool begin(const char*, int, snort::SnortConfig*) override;
     bool set(const char*, snort::Value&, snort::SnortConfig*) override;
     bool end(const char*, int, snort::SnortConfig*) override;
+
+    const snort::Command* get_commands() const override;
     RnaModuleConfig* get_config();
     PegCount* get_counts() const override;
     const PegInfo* get_pegs() const override;
diff --git a/src/network_inspectors/rna/test/CMakeLists.txt b/src/network_inspectors/rna/test/CMakeLists.txt
new file mode 100644
index 000000000..697466db0
--- /dev/null
+++ b/src/network_inspectors/rna/test/CMakeLists.txt
@@ -0,0 +1,7 @@
+add_cpputest( rna_module_test
+    SOURCES
+        ../../../framework/parameter.cc
+        $<TARGET_OBJECTS:catch_tests>
+    LIBS
+        ${DNET_LIBRARIES}
+)
diff --git a/src/network_inspectors/rna/test/rna_module_mock.h b/src/network_inspectors/rna/test/rna_module_mock.h
new file mode 100644
index 000000000..0724eb009
--- /dev/null
+++ b/src/network_inspectors/rna/test/rna_module_mock.h
@@ -0,0 +1,55 @@
+//--------------------------------------------------------------------------
+// Copyright (C) 2020-2020 Cisco and/or its affiliates. All rights reserved.
+//
+// This program is free software; you can redistribute it and/or modify it
+// under the terms of the GNU General Public License Version 2 as published
+// by the Free Software Foundation.  You may not use, modify or distribute
+// this program under any other version of the GNU General Public License.
+//
+// This program is distributed in the hope that it will be useful, but
+// WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+// General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+//--------------------------------------------------------------------------
+
+// rna_module_mock.h author Masud Hasan <mashasan@cisco.com>
+
+#ifndef RNA_MODULE_MOCK_H
+#define RNA_MODULE_MOCK_H
+
+bool Swapper::reload_in_progress = false;
+THREAD_LOCAL RnaStats rna_stats;
+THREAD_LOCAL ProfileStats rna_perf_stats;
+static std::string message;
+static Request mock_request;
+
+void Request::respond(const char* msg, bool, bool)
+{
+    message = msg;
+}
+Request& get_current_request()
+{ return mock_request; }
+
+namespace snort
+{
+Inspector* InspectorManager::get_inspector(const char*, bool, const SnortConfig*)
+{ return nullptr; }
+Module::Module(const char*, const char*, const Parameter*, bool) {}
+void Module::sum_stats(bool) {}
+void Module::show_stats() {}
+void Module::reset_stats() {}
+PegCount Module::get_global_count(char const*) const
+{ return 0; }
+void Module::show_interval_stats(std::vector<unsigned int, std::allocator<unsigned int> >&, FILE*)
+{}
+void LogMessage(const char*,...) {}
+void WarningMessage(const char*,...) {}
+SnortConfig::SnortConfig(SnortConfig const*) {}
+SnortConfig::~SnortConfig() {}
+} // end of namespace snort
+
+#endif
diff --git a/src/network_inspectors/rna/test/rna_module_test.cc b/src/network_inspectors/rna/test/rna_module_test.cc
new file mode 100644
index 000000000..82399eff0
--- /dev/null
+++ b/src/network_inspectors/rna/test/rna_module_test.cc
@@ -0,0 +1,63 @@
+//--------------------------------------------------------------------------
+// Copyright (C) 2020-2020 Cisco and/or its affiliates. All rights reserved.
+//
+// This program is free software; you can redistribute it and/or modify it
+// under the terms of the GNU General Public License Version 2 as published
+// by the Free Software Foundation.  You may not use, modify or distribute
+// this program under any other version of the GNU General Public License.
+//
+// This program is distributed in the hope that it will be useful, but
+// WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+// General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+//--------------------------------------------------------------------------
+
+// rna_module_test.cc author Masud Hasan <mashasan@cisco.com>
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include "../rna_module.cc"
+
+#include "rna_module_mock.h"
+
+#include <CppUTest/CommandLineTestRunner.h>
+#include <CppUTest/TestHarness.h>
+
+TEST_GROUP(rna_module_test)
+{
+    void setup() override
+    {
+        MemoryLeakWarningPlugin::turnOffNewDeleteOverloads();
+    }
+    void teardown() override
+    {
+        MemoryLeakWarningPlugin::turnOnNewDeleteOverloads();
+    }
+};
+
+TEST(rna_module_test, reload_fingerprint)
+{
+    // When another reload is pending
+    Swapper::set_reload_in_progress(true);
+    reload_fingerprint(nullptr);
+    Swapper::set_reload_in_progress(false);
+    CHECK_TRUE(message == "== reload pending; retry\n");
+
+    // When rna is not configured
+    reload_fingerprint(nullptr);
+    CHECK_TRUE(message == "== reload fingerprint failed - rna not enabled\n");
+
+    // Reload in progress flag should remain unset at the end
+    CHECK_FALSE(Swapper::get_reload_in_progress());
+}
+
+int main(int argc, char** argv)
+{
+    return CommandLineTestRunner::RunAllTests(argc, argv);
+}