From: Tom Peters (thopeter) Date: Fri, 6 Apr 2018 19:05:42 +0000 (-0400) Subject: Merge pull request #1178 in SNORT/snort3 from reload_ips_actions to master X-Git-Tag: 3.0.0-245~51 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b4335beacd0fb0d2e6c91d4acad311be6917c557;p=thirdparty%2Fsnort3.git Merge pull request #1178 in SNORT/snort3 from reload_ips_actions to master Squashed commit of the following: commit 6d659feda07dd5071cb3035d55ad61136d2faea8 Author: Steven Baigal Date: Fri Mar 30 11:27:47 2018 -0400 reload: enabled reloading ips_actions added parse error check for reloading --- diff --git a/src/actions/act_react.cc b/src/actions/act_react.cc index 10bda0f07..392c31116 100644 --- a/src/actions/act_react.cc +++ b/src/actions/act_react.cc @@ -97,10 +97,9 @@ struct ReactData int rule_msg; // 1=>use rule msg; 0=>use DEFAULT_MSG ssize_t buf_len; // length of response char* resp_buf; // response to send + char* resp_page; }; -static char* s_page = nullptr; - class ReactAction : public IpsAction { public: @@ -124,11 +123,6 @@ private: ReactAction::~ReactAction() { - if ( s_page ) - { - snort_free(s_page); - s_page = nullptr; - } if (config->resp_buf) snort_free(config->resp_buf); @@ -164,60 +158,6 @@ void ReactAction::send(Packet* p) // implementation foo //------------------------------------------------------------------------- -static bool react_getpage(const char* file) -{ - char* msg; - char* percent_s; - struct stat fs; - FILE* fd; - size_t n; - - if ( stat(file, &fs) ) - { - ParseError("can't stat react page file '%s'.", file); - return false; - } - - s_page = (char*)snort_calloc(fs.st_size+1); - fd = fopen(file, "r"); - - if ( !fd ) - { - ParseError("can't open react page file '%s'.", file); - return false; - } - - n = fread(s_page, 1, fs.st_size, fd); - fclose(fd); - - if ( n != (size_t)fs.st_size ) - { - ParseError("can't load react page file '%s'.", file); - return false; - } - - s_page[n] = '\0'; - msg = strstr(s_page, MSG_KEY); - if ( msg ) - strncpy(msg, "%s", 2); - - // search for % - percent_s = strstr(s_page, MSG_PERCENT); - if (percent_s) - { - percent_s += strlen(MSG_PERCENT); // move past current - // search for % again - percent_s = strstr(percent_s, MSG_PERCENT); - if (percent_s) - { - ParseError("can't specify more than one %%s or other " - "printf style formatting characters in react page '%s'.", - file); - return false; - } - } - return true; -} //-------------------------------------------------------------------- @@ -228,7 +168,7 @@ static void react_config(ReactData* rd) char dummy; const char* head = DEFAULT_HTTP; - const char* body = s_page ? s_page : DEFAULT_HTML; + const char* body = rd->resp_page ? rd->resp_page : DEFAULT_HTML; const char* msg = DEFAULT_MSG; body_len = snprintf(&dummy, 1, body, msg); @@ -263,7 +203,8 @@ static const Parameter s_params[] = class ReactModule : public Module { public: - ReactModule() : Module(s_name, s_help, s_params) { } + ReactModule() : Module(s_name, s_help, s_params) { page = nullptr; } + ~ReactModule() override { if (page) snort_free(page); } bool begin(const char*, int, SnortConfig*) override; bool set(const char*, Value&, SnortConfig*) override; @@ -276,8 +217,66 @@ public: public: bool msg; + char* page; +private: + bool getpage(const char* file); }; +bool ReactModule::getpage(const char* file) +{ + char* msg; + char* percent_s; + struct stat fs; + FILE* fd; + size_t n; + + if ( stat(file, &fs) ) + { + ParseError("can't stat react page file '%s'.", file); + return false; + } + + page = (char*)snort_calloc(fs.st_size+1); + fd = fopen(file, "r"); + + if ( !fd ) + { + ParseError("can't open react page file '%s'.", file); + return false; + } + + n = fread(page, 1, fs.st_size, fd); + fclose(fd); + + if ( n != (size_t)fs.st_size ) + { + ParseError("can't load react page file '%s'.", file); + return false; + } + + page[n] = '\0'; + msg = strstr(page, MSG_KEY); + if ( msg ) + strncpy(msg, "%s", 2); + + // search for % + percent_s = strstr(page, MSG_PERCENT); + if (percent_s) + { + percent_s += strlen(MSG_PERCENT); // move past current + // search for % again + percent_s = strstr(percent_s, MSG_PERCENT); + if (percent_s) + { + ParseError("can't specify more than one %%s or other " + "printf style formatting characters in react page '%s'.", + file); + return false; + } + } + return true; +} + bool ReactModule::begin(const char*, int, SnortConfig*) { msg = false; @@ -290,7 +289,7 @@ bool ReactModule::set(const char*, Value& v, SnortConfig*) msg = v.get_bool(); else if ( v.is("page") ) - return react_getpage(v.get_string()); + return getpage(v.get_string()); else return false; @@ -318,7 +317,7 @@ static IpsAction* react_ctor(Module* p) ReactModule* m = (ReactModule*)p; rd->rule_msg = m->msg; - + rd->resp_page = m->page; react_config(rd); // FIXIT-L this must be done per response Active::set_enabled(); diff --git a/src/main/snort.cc b/src/main/snort.cc index 25c304d0a..eef5834b1 100644 --- a/src/main/snort.cc +++ b/src/main/snort.cc @@ -572,7 +572,7 @@ SnortConfig* Snort::get_reload_config(const char* fname) ControlMgmt::reconfigure_controls(); #endif - if ( !InspectorManager::configure(sc) ) + if ( get_parse_errors() or !InspectorManager::configure(sc) ) { parser_term(sc); delete sc; diff --git a/src/managers/module_manager.cc b/src/managers/module_manager.cc index d681dfd46..5ee151fbf 100644 --- a/src/managers/module_manager.cc +++ b/src/managers/module_manager.cc @@ -684,9 +684,9 @@ SO_PUBLIC bool open_table(const char* s, int idx) if ( !h || (h->api && h->api->type == PT_IPS_OPTION) ) return false; - // FIXIT-M only basic modules and inspectors can be reloaded at present - if ( ( snort::Snort::is_reloading() ) - and h->api and h->api->type != PT_INSPECTOR ) + // FIXIT-M only basic modules, inspectors and ips actions can be reloaded at present + if ( ( snort::Snort::is_reloading() ) and h->api + and h->api->type != PT_INSPECTOR and h->api->type != PT_IPS_ACTION ) return false; Module* m = h->mod;