From: Tom Peters (thopeter) Date: Wed, 12 Dec 2018 20:38:42 +0000 (-0500) Subject: Merge pull request #1460 in SNORT/snort3 from ~MDAGON/snort3:file_reload to master X-Git-Tag: 3.0.0-251~86 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=bea170355e8a03d51bac6dab4e68584fa264c495;p=thirdparty%2Fsnort3.git Merge pull request #1460 in SNORT/snort3 from ~MDAGON/snort3:file_reload to master Squashed commit of the following: commit 9af61b0b8f0f41516123d018d94cb21f710f2944 Author: mdagon Date: Wed Oct 31 15:38:00 2018 -0400 file_api: fail the reload if max_files_cache is changed or if capture was initially enabled and capture_memcap or capture_block_size change
---
diff --git a/src/file_api/file_service.cc b/src/file_api/file_service.cc
index 27a81da47..0c96c203a 100644
--- a/src/file_api/file_service.cc
+++ b/src/file_api/file_service.cc
@@ -29,6 +29,7 @@
 #include "file_service.h"
+#include "log/messages.h"
 #include "main/snort_config.h"
 #include "mime/file_mime_process.h"
@@ -46,6 +47,11 @@ bool FileService::file_processing_initiated = false;
 FileCache* FileService::file_cache = nullptr;
+// FIXIT-L make these params reloadable
+static int64_t max_files_cached = 0;
+static int64_t capture_memcap = 0;
+static int64_t capture_block_size = 0;
+
 void FileService::init()
 {
 FileFlows::init();
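Review bot: The three file-scope statics added in the `@@ -46,6 +47,11 @@` hunk have the same names as the `FileConfig` fields they are later compared against (`max_files_cached != conf->max_files_cached`), and their only comment is the FIXIT, which does not say what they hold. A comment such as `// values the running FileCache/FileCapture were initialized with; baseline for the reload check` would state their role, and a distinguishing prefix (for example `active_max_files_cached`) would keep the comparisons in `verify_reload()` readable. Their initial value of 0 also doubles as "never set", which the reload check cannot tell apart from a configured 0.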
@@ -54,16 +60,42 @@ void FileService::init()
 void FileService::post_init()
 {
 MimeSession::init();
- FileConfig* conf = get_file_config();
+ const FileConfig* const conf = get_file_config();
 if (!conf) return;
 if (!file_cache)
+ {
 file_cache = new FileCache(conf->max_files_cached);
+ max_files_cached = conf->max_files_cached;
+ }
 if (file_capture_enabled)
+ {
 FileCapture::init(conf->capture_memcap, conf->capture_block_size);
+ capture_memcap = conf->capture_memcap;
+ capture_block_size = conf->capture_block_size;
+ }
+}
+
+void FileService::verify_reload(SnortConfig* sc)
+{
+ const FileConfig* const conf = get_file_config(sc);
+
+ if (!conf)
+ return;
+
+ if (max_files_cached != conf->max_files_cached)
+ ParseError("Changing max_files_cached requires a restart\n");
+
+ if (file_capture_enabled)
+ {
+ if (capture_memcap != conf->capture_memcap)
+ ParseError("Changing capture_memcap requires a restart\n");
+ if (capture_block_size != conf->capture_block_size)
+ ParseError("Changing capture_block_size requires a restart\n");
+ }
 }
 void FileService::close()
diff --git a/src/file_api/file_service.h b/src/file_api/file_service.h
index bba93e9ad..61dadecf0 100644
--- a/src/file_api/file_service.h
+++ b/src/file_api/file_service.h
@@ -25,6 +25,7 @@
 // This provides a wrapper to start/stop file service
 #include "file_api/file_policy.h"
+#include "main/snort_config.h"
 #include "main/snort_types.h"
 class FileEnforcer;
@@ -41,6 +42,9 @@ public:
 // Called after permission is dropped
 static void post_init();
+ // Called during reload
+ static void verify_reload(SnortConfig*);
+
 // This must be called when snort exits
 static void close();
diff --git a/src/main/snort.cc b/src/main/snort.cc
index 88a7715c8..048164202 100644
--- a/src/main/snort.cc
+++ b/src/main/snort.cc
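Review bot: In `post_init()` the baseline is recorded only inside `if (!file_cache)` and `if (file_capture_enabled)`, and not at all when `conf` is null, while `verify_reload()` compares `max_files_cached` unconditionally. A process that started without a file config keeps the baseline at 0, so a reload that introduces one is reported as "Changing max_files_cached requires a restart" even though no running value changed; whether `file_capture_enabled` can become true between startup and reload is not visible here, but if it can, the capture checks compare against 0 in the same way. Consider testing that the baseline was actually captured, e.g. `if (file_cache and max_files_cached != conf->max_files_cached)`, or emitting a distinct message for the uninitialized case. `verify_reload()` also returns silently when the new config has no `FileConfig`, so a reload that removes the file config passes this check; a short comment saying whether that is intended would help.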
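Review bot: The `#include "main/snort_config.h"` added to file_service.h is needed there only for the `SnortConfig*` parameter of `verify_reload`, and file_service.cc already includes that header itself. A forward declaration next to the existing `class FileEnforcer;` would avoid pulling the full config header into every file that includes file_service.h. The exact form (class or struct, enclosing namespace) depends on how `SnortConfig` is declared, which this page does not show.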
@@ -588,6 +588,8 @@ SnortConfig* Snort::get_reload_config(const char* fname)
 ControlMgmt::reconfigure_controls();
 #endif
+ FileService::verify_reload(sc);
+
 if ( get_parse_errors() or !InspectorManager::configure(sc) )
 {
 parser_term(sc);
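Review bot: `FileService::verify_reload(sc)` returns void and reports failures only through `ParseError`, so the reload is presumably rejected only because the call sits directly ahead of the `get_parse_errors()` test. That ordering dependency is not stated in the hunk; a comment such as `// reports via ParseError(); must run before the get_parse_errors() check below` would keep a later reorder from silently disabling the check. `get_reload_config` starts and ends outside the hunk, so whether `sc` can be null at this point is not visible.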