From: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon, 1 Aug 2022 21:54:10 +0000 (-0400)
Subject: main, managers: remove the reload_module command
X-Git-Tag: 3.1.39.0~8
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d6862fdbd83d5f738a916be671df8c8973ff1e6b;p=thirdparty%2Fsnort3.git

main, managers: remove the reload_module command
---

diff --git a/src/main.cc b/src/main.cc
index 02eafc3ea..6335a4483 100644
--- a/src/main.cc
+++ b/src/main.cc
@@ -475,51 +475,6 @@ int main_reload_policy(lua_State* L)
     return 0;
 }
 
-int main_reload_module(lua_State* L)
-{
-    const char* fname =  nullptr;
-
-    if ( L )
-    {
-        Lua::ManageStack(L, 1);
-        if (lua_gettop(L) >= 1)
-            fname = luaL_checkstring(L, 1);
-    }
-
-    ControlConn* ctrlcon = ControlConn::query_from_lua(L);
-    if ( !fname or *fname == '\0' )
-    {
-        send_response(ctrlcon, "== module name required\n");
-        return 0;
-    }
-
-    if ( !ReloadTracker::start(ctrlcon) )
-    {
-        send_response(ctrlcon, "== reload pending; retry\n");
-        return 0;
-    }
-
-    send_response(ctrlcon, ".. reloading module\n");
-
-    SnortConfig* old = SnortConfig::get_main_conf();
-    SnortConfig* sc = Snort::get_updated_module(old, fname);
-
-    if ( !sc )
-    {
-        ReloadTracker::failed(ctrlcon, "failed to update module");
-        send_response(ctrlcon, "== reload failed\n");
-        return 0;
-    }
-    SnortConfig::set_conf(sc);
-    proc_stats.policy_reloads++;
-
-    ReloadTracker::update(ctrlcon, "start swapping configuration ...");
-    send_response(ctrlcon, ".. swapping module\n");
-    main_broadcast_command(new ACSwap(new Swapper(old, sc), ctrlcon), ctrlcon);
-
-    return 0;
-}
-
 int main_reload_daq(lua_State* L)
 {
     ControlConn* ctrlcon = ControlConn::query_from_lua(L);
diff --git a/src/main.h b/src/main.h
index 14cbf7a4e..4c422dde6 100644
--- a/src/main.h
+++ b/src/main.h
@@ -32,7 +32,6 @@ int main_reset_stats(lua_State* = nullptr);
 int main_rotate_stats(lua_State* = nullptr);
 int main_reload_config(lua_State* = nullptr);
 int main_reload_policy(lua_State* = nullptr);
-int main_reload_module(lua_State* = nullptr);
 int main_reload_daq(lua_State* = nullptr);
 int main_reload_hosts(lua_State* = nullptr);
 int main_process(lua_State* = nullptr);
diff --git a/src/main/snort.cc b/src/main/snort.cc
index ab4add865..03dc39eb5 100644
--- a/src/main/snort.cc
+++ b/src/main/snort.cc
@@ -592,49 +592,6 @@ SnortConfig* Snort::get_updated_policy(
     return sc;
 }
 
-SnortConfig* Snort::get_updated_module(SnortConfig* other_conf, const char* name)
-{
-    reloading = true;
-
-    SnortConfig* sc = new SnortConfig(other_conf, name);
-    sc->global_dbus->clone(*other_conf->global_dbus, name);
-
-    if ( name )
-    {
-        reset_parse_errors();
-        ModuleManager::reset_errors();
-        ModuleManager::reload_module(name, sc);
-        if ( ModuleManager::get_errors() || !sc->verify() )
-        {
-            sc->cloned = true;
-            InspectorManager::update_policy(other_conf);
-            delete sc;
-            set_default_policy(other_conf);
-            reloading = false;
-            return nullptr;
-        }
-    }
-
-    if ( !InspectorManager::configure(sc, true) )
-    {
-        sc->cloned = true;
-        InspectorManager::update_policy(other_conf);
-        delete sc;
-        set_default_policy(other_conf);
-        reloading = false;
-        return nullptr;
-    }
-
-    InspectorManager::reconcile_inspectors(other_conf, sc, true);
-    InspectorManager::prepare_inspectors(sc);
-    InspectorManager::prepare_controls(sc);
-
-    other_conf->cloned = true;
-    InspectorManager::update_policy(sc);
-    reloading = false;
-    return sc;
-}
-
 OopsHandlerSuspend::OopsHandlerSuspend()
 {
     remove_oops_handler();
diff --git a/src/main/snort.h b/src/main/snort.h
index ee5edb9da..884028e60 100644
--- a/src/main/snort.h
+++ b/src/main/snort.h
@@ -41,7 +41,6 @@ public:
     static SnortConfig* get_reload_config(const char* fname, const char* plugin_path,
         const SnortConfig* old);
     static SnortConfig* get_updated_policy(SnortConfig*, const char* fname, const char* iname);
-    static SnortConfig* get_updated_module(SnortConfig*, const char* name);
     static void setup(int argc, char* argv[]);
     static bool drop_privileges();
     static void do_pidfile();
diff --git a/src/main/snort_module.cc b/src/main/snort_module.cc
index 24b46eca1..0b33ea600 100644
--- a/src/main/snort_module.cc
+++ b/src/main/snort_module.cc
@@ -113,7 +113,6 @@ static const Command snort_cmds[] =
     { "rotate_stats", main_rotate_stats, nullptr, "roll perfmonitor log files" },
     { "reload_config", main_reload_config, s_reload_w_path, "load new configuration" },
     { "reload_policy", main_reload_policy, s_reload, "reload part or all of the default policy" },
-    { "reload_module", main_reload_module, s_module, "reload module" },
     { "reload_daq", main_reload_daq, nullptr, "reload daq module" },
     { "reload_hosts", main_reload_hosts, s_reload, "load a new hosts table" },
 
diff --git a/src/managers/module_manager.cc b/src/managers/module_manager.cc
index 1267f7d4d..f3f0d95a5 100644
--- a/src/managers/module_manager.cc
+++ b/src/managers/module_manager.cc
@@ -1140,39 +1140,6 @@ void ModuleManager::show_module(const char* name)
         cout << "no match" << endl;
 }
 
-void ModuleManager::reload_module(const char* name, SnortConfig* sc)
-{
-    ModHook* h = get_hook(name);
-
-    // Most of the modules don't support yet reload_module.
-    // This list contains the ones that do, and should be updated as
-    // more modules support reload_module.
-    const vector<string> supported_modules =
-    {
-        "dns_si", "firewall", "identity", "qos", "reputation", "url_si", "rt_network"
-    };
-    auto it = find(supported_modules.begin(), supported_modules.end(), name);
-
-    // FIXIT-L: we can check that h->api is not null here or inside instantiate.
-    // Both alternatives prevent crashing in instantiate(). However,
-    // checking it here might be too aggressive, because we are also saying it
-    // is an error. That makes the caller of this function
-    // (get_updated_module()) discard other legitimate reload operations, e.g.
-    // the newly read configuration. We should decide on this when proper
-    // reload functionality gets implemented.
-    if ( it != supported_modules.end() and h and h->api and h->mod and sc )
-    {
-        PluginManager::instantiate(h->api, h->mod, sc);
-        s_errors += get_parse_errors();
-    }
-    else
-    {
-        cout << "Module " << name <<" doesn't exist or reload not implemented.";
-        cout << endl;
-        ++s_errors;
-    }
-}
-
 static bool selected(const Module* m, const char* pfx, bool exact)
 {
     if ( !pfx )
diff --git a/src/managers/module_manager.h b/src/managers/module_manager.h
index 8fb6604f4..7dcbf7696 100644
--- a/src/managers/module_manager.h
+++ b/src/managers/module_manager.h
@@ -79,7 +79,6 @@ public:
     static void load_commands(Shell*);
     static void load_rules(SnortConfig*);
     static void set_config(SnortConfig*);
-    static void reload_module(const char*, SnortConfig*);
 
     static void reset_errors();
     static unsigned get_errors();