From 92679442cae0626fcb3937c23abc0dd85ec39cdf Mon Sep 17 00:00:00 2001 From: Eric Leblond Date: Wed, 15 Aug 2012 17:28:00 +0200 Subject: [PATCH] Convert to atomic and disable check on HTP config change. This patch converts the series of variable to an atomic. Furthermore, as the callbacks are now always run, it is not necessary anymore to refuse a ruleswap if HTP parameters are changing. --- src/app-layer-htp.c | 25 +++++++++---------------- src/app-layer-htp.h | 10 ++++++---- src/detect-engine.c | 20 -------------------- 3 files changed, 15 insertions(+), 40 deletions(-) diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c index 5b8dfc5f24..37230b6bd3 100644 --- a/src/app-layer-htp.c +++ b/src/app-layer-htp.c @@ -95,16 +95,6 @@ static uint64_t htp_state_memuse = 0; static uint64_t htp_state_memcnt = 0; #endif -/** part of the engine needs the request body (e.g. http_client_body keyword) */ -uint8_t need_htp_request_body = 0; -/** part of the engine needs the request body multipart header (e.g. filename - * and / or fileext keywords) */ -uint8_t need_htp_request_multipart_hdr = 0; -/** part of the engine needs the request file (e.g. log-file module) */ -uint8_t need_htp_request_file = 0; -/** part of the engine needs the request body (e.g. file_data keyword) */ -uint8_t need_htp_response_body = 0; - SCEnumCharMap http_decoder_event_table[ ] = { { "UNKNOWN_ERROR", HTTP_DECODER_EVENT_UNKNOWN_ERROR}, @@ -356,7 +346,8 @@ void HTPStateTransactionFree(void *state, uint16_t id) { void AppLayerHtpEnableRequestBodyCallback(void) { SCEnter(); - need_htp_request_body = 1; + + SC_ATOMIC_OR(htp_config_flags, HTP_REQUIRE_REQUEST_BODY); SCReturn; } @@ -368,7 +359,8 @@ void AppLayerHtpEnableRequestBodyCallback(void) void AppLayerHtpEnableResponseBodyCallback(void) { SCEnter(); - need_htp_response_body = 1; + + SC_ATOMIC_OR(htp_config_flags, HTP_REQUIRE_RESPONSE_BODY); SCReturn; } @@ -382,7 +374,7 @@ void AppLayerHtpNeedMultipartHeader(void) { SCEnter(); AppLayerHtpEnableRequestBodyCallback(); - need_htp_request_multipart_hdr = 1; + SC_ATOMIC_OR(htp_config_flags, HTP_REQUIRE_REQUEST_MULTIPART); SCReturn; } @@ -399,7 +391,7 @@ void AppLayerHtpNeedFileInspection(void) AppLayerHtpEnableRequestBodyCallback(); AppLayerHtpEnableResponseBodyCallback(); - need_htp_request_file = 1; + SC_ATOMIC_OR(htp_config_flags, HTP_REQUIRE_REQUEST_FILE); SCReturn; } @@ -1779,7 +1771,7 @@ int HTPCallbackRequestBodyData(htp_tx_data_t *d) { SCEnter(); - if (need_htp_request_body == 0) + if (!(SC_ATOMIC_GET(htp_config_flags) & HTP_REQUIRE_REQUEST_BODY)) SCReturnInt(HOOK_OK); #ifdef PRINT @@ -1902,7 +1894,7 @@ int HTPCallbackResponseBodyData(htp_tx_data_t *d) { SCEnter(); - if (need_htp_response_body == 0) + if (!(SC_ATOMIC_GET(htp_config_flags) & HTP_REQUIRE_RESPONSE_BODY)) SCReturnInt(HOOK_OK); HtpState *hstate = (HtpState *)d->tx->connp->user_data; @@ -2485,6 +2477,7 @@ void RegisterHTPParsers(void) AppLayerRegisterProto(proto_name, ALPROTO_HTTP, STREAM_TOCLIENT, HTPHandleResponseData); + SC_ATOMIC_INIT(htp_config_flags); HTPConfigure(); SCReturn; } diff --git a/src/app-layer-htp.h b/src/app-layer-htp.h index 38a6413db2..8ee199a63d 100644 --- a/src/app-layer-htp.h +++ b/src/app-layer-htp.h @@ -204,14 +204,16 @@ typedef struct HtpState_ { } HtpState; /** part of the engine needs the request body (e.g. http_client_body keyword) */ -extern uint8_t need_htp_request_body; +#define HTP_REQUIRE_REQUEST_BODY (1 << 0) /** part of the engine needs the request body multipart header (e.g. filename * and / or fileext keywords) */ -extern uint8_t need_htp_request_multipart_hdr; +#define HTP_REQUIRE_REQUEST_MULTIPART (1 << 1) /** part of the engine needs the request file (e.g. log-file module) */ -extern uint8_t need_htp_request_file; +#define HTP_REQUIRE_REQUEST_FILE (1 << 2) /** part of the engine needs the request body (e.g. file_data keyword) */ -extern uint8_t need_htp_response_body; +#define HTP_REQUIRE_RESPONSE_BODY (1 << 3) + +SC_ATOMIC_DECLARE(uint32_t, htp_config_flags); void RegisterHTPParsers(void); void HTPParserRegisterTests(void); diff --git a/src/detect-engine.c b/src/detect-engine.c index 665ae35420..c0206906a8 100644 --- a/src/detect-engine.c +++ b/src/detect-engine.c @@ -126,32 +126,12 @@ static void *DetectEngineLiveRuleSwap(void *arg) exit(EXIT_FAILURE); } - uint8_t local_need_htp_request_body = need_htp_request_body; - uint8_t local_need_htp_request_multipart_hdr = need_htp_request_multipart_hdr; - uint8_t local_need_htp_request_file = need_htp_request_file; - uint8_t local_need_htp_response_body = need_htp_response_body; - if (SigLoadSignatures(de_ctx, NULL, FALSE) < 0) { SCLogError(SC_ERR_NO_RULES_LOADED, "Loading signatures failed."); if (de_ctx->failure_fatal) exit(EXIT_FAILURE); } - if (local_need_htp_request_body != need_htp_request_body || - local_need_htp_request_multipart_hdr != need_htp_request_multipart_hdr || - local_need_htp_request_file != need_htp_request_file || - local_need_htp_response_body != need_htp_response_body) { - SCLogInfo("===== New ruleset requires enabling htp features that " - "can't be enabled at runtime. You will have to restart " - "engine to load the new ruleset ====="); - DetectEngineCtxFree(de_ctx); - UtilSignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2); - - TmThreadsSetFlag(tv_local, THV_CLOSED); - - pthread_exit(NULL); - } - SCThresholdConfInitContext(de_ctx, NULL); /* start the process of swapping detect threads ctxs */