static void core_vars_gen_list(ib_tx_t *tx, const char *name) { assert(tx != NULL); assert(name != NULL); ib_status_t rc; ib_var_source_t *source; rc = ib_var_source_acquire( &source, tx->mp, ib_var_store_config(tx->var_store), name, strlen(name) ); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed to acquire \"%s\" var: %s", name, ib_status_to_string(rc)); return; } rc = ib_var_source_initialize(source, NULL, tx->var_store, IB_FTYPE_LIST); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed add \"%s\" var to transaction: %s", name, ib_status_to_string(rc) ); } }
static void core_gen_tx_numeric_field(ib_tx_t *tx, const char *name, ib_num_t val) { ib_field_t *f; assert(tx != NULL); assert(name != NULL); ib_num_t num = val; ib_status_t rc = ib_field_create(&f, tx->mp, name, strlen(name), IB_FTYPE_NUM, &num); if (rc != IB_OK) { ib_log_warning(tx->ib, "Failed to create \"%s\" field: %s", name, ib_status_to_string(rc)); return; } rc = ib_data_add(tx->data, f); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed add \"%s\" field to transaction data store: %s", name, ib_status_to_string(rc) ); } }
void RunTest(int line, const char *s, int base, ib_status_t estatus, ib_num_t expected) { ib_status_t rc; ib_num_t result; rc = ::ib_string_to_num(s, base, &result); if (estatus == IB_OK) { EXPECT_EQ(rc, IB_OK) << "Line " << line << ": " << "Conversion of '" << s << "' base10="<< base << " failed; rc=" << rc << " (" << ib_status_to_string(rc) << ")"; } else { EXPECT_EQ(rc, estatus) << "Line " << line << ": " << "Conversion of '" << s << "' base=" << base << " expected status " << estatus << " returned "<< rc << " (" << ib_status_to_string(rc) << ")"; } if (rc == IB_OK) { EXPECT_EQ(expected, result) << "Line " << line << ": " << "Conversion of '" << s << "' base=" <<base << " expected value=" << expected << " result="<< result; } }
static void core_gen_tx_bytestr_alias_field(ib_tx_t *tx, const char *name, ib_bytestr_t *val) { ib_field_t *f; assert(tx != NULL); assert(name != NULL); assert(val != NULL); ib_status_t rc = ib_field_create_no_copy(&f, tx->mp, name, strlen(name), IB_FTYPE_BYTESTR, val); if (rc != IB_OK) { ib_log_warning(tx->ib, "Failed to create \"%s\" field: %s", name, ib_status_to_string(rc)); return; } rc = ib_data_add(tx->data, f); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed add \"%s\" field to transaction data store: %s", name, ib_status_to_string(rc) ); } }
/** Create and return top-level cont with no transient data * Sets up engine manager and kill-or-continue txn hook before launching * potentially-slow mainconfiguration in separate thread. */ static ib_status_t tsib_pre_init(TSCont *contp) { int rv; ib_status_t rc; TSCont cont; assert(contp != NULL); /* create a cont to fend off traffic while we read config */ *contp = cont = TSContCreate(ironbee_plugin, NULL); if (cont == NULL) { TSError("[ironbee] failed to create initial continuation: disabled"); return IB_EUNKNOWN; } if (module_data.allow_at_startup) { /* SSN_START doesn't use contdata; READ_REQUEST_HDR only needs non-null flag. * Using &module_data might let us clean up some tsib_api stuff in future. */ TSContDataSet(cont, &module_data); } else { /* NULL contdata signals the READ_REQUEST_HDR hook to reject requests */ TSContDataSet(cont, NULL); } TSHttpHookAdd(TS_HTTP_READ_REQUEST_HDR_HOOK, cont); if (!module_data.log_disable) { /* success is documented as TS_LOG_ERROR_NO_ERROR but that's undefined. * It's actually a TS_SUCCESS (proxy/InkAPI.cc line 6641). */ printf("Logging to \"%s\"\n", module_data.log_file); rv = TSTextLogObjectCreate(module_data.log_file, TS_LOG_MODE_ADD_TIMESTAMP, &module_data.logger); if (rv != TS_SUCCESS) { TSError("[ironbee] Error creating log file."); return IB_EUNKNOWN; } } /* Initialize IronBee (including util) */ rc = ib_initialize(); if (rc != IB_OK) { TSError("[ironbee] Error initializing IronBee: %s", ib_status_to_string(rc)); return rc; } /* Create the IronBee engine manager */ TSDebug("ironbee", "Creating IronBee engine manager"); rc = ib_manager_create(&(module_data.manager), /* Engine Manager */ &ibplugin, /* Server object */ module_data.max_engines); /* Default max */ if (rc != IB_OK) { TSError("[ironbee] Error creating IronBee engine manager: %s", ib_status_to_string(rc)); } return rc; }
ib_status_t ib_core_collection_managers_register( ib_engine_t *ib, const ib_module_t *module) { assert(ib != NULL); assert(module != NULL); const char *pattern = "^([^\\s=]+)=(.*)$"; const int compile_flags = PCRE_DOTALL | PCRE_DOLLAR_ENDONLY; pcre *compiled; const char *error; int eoff; ib_status_t rc; const ib_collection_manager_t *manager; /* Register the name/value pair InitCollection manager */ rc = ib_collection_manager_register( ib, module, "core name/value pair", "vars:", core_managed_collection_vars_register_fn, NULL, NULL, NULL, core_managed_collection_vars_populate_fn, NULL, NULL, NULL, &manager); if (rc != IB_OK) { ib_log_alert(ib, "Failed to register core name/value pair handler: %s", ib_status_to_string(rc)); return rc; } /* Compile the name/value pair pattern */ compiled = pcre_compile(pattern, compile_flags, &error, &eoff, NULL); if (compiled == NULL) { ib_log_error(ib, "Failed to compile pattern \"%s\": %s", pattern, error ? error : "(null)"); return IB_EUNKNOWN; } core_vars_manager.pattern = compiled; core_vars_manager.manager = manager; #if ENABLE_JSON /* Register the JSON file InitCollection manager */ rc = ib_collection_manager_register( ib, module, "core JSON file", "json-file://", core_managed_collection_jsonfile_register_fn, NULL, NULL, NULL, core_managed_collection_jsonfile_populate_fn, NULL, core_managed_collection_jsonfile_persist_fn, NULL, &manager); if (rc != IB_OK) { ib_log_alert(ib, "Failed to register core JSON file handler: %s", ib_status_to_string(rc)); return rc; } #endif return IB_OK; }
/** * Handle on/off directives. * * @param[in] cp Config parser * @param[in] name Directive name * @param[in] onoff on/off flag * @param[in] cbdata Callback data (ignored) * * @returns Status code */ static ib_status_t handle_directive_onoff(ib_cfgparser_t *cp, const char *name, int onoff, void *cbdata) { assert(cp != NULL); assert(name != NULL); assert(cp->ib != NULL); ib_engine_t *ib = cp->ib; ib_status_t rc; ib_module_t *module = NULL; modpcre_cfg_t *config = NULL; ib_context_t *ctx = cp->cur_ctx ? cp->cur_ctx : ib_context_main(ib); const char *pname; /* Get my module object */ rc = ib_engine_module_get(cp->ib, MODULE_NAME_STR, &module); if (rc != IB_OK) { ib_cfg_log_error(cp, "Failed to get %s module object: %s", MODULE_NAME_STR, ib_status_to_string(rc)); return rc; } /* Get my module configuration */ rc = ib_context_module_config(ctx, module, (void *)&config); if (rc != IB_OK) { ib_cfg_log_error(cp, "Failed to get %s module configuration: %s", MODULE_NAME_STR, ib_status_to_string(rc)); return rc; } if (strcasecmp("PcreStudy", name) == 0) { pname = MODULE_NAME_STR ".study"; } else if (strcasecmp("PcreUseJit", name) == 0) { pname = MODULE_NAME_STR ".use_jit"; } else { ib_cfg_log_error(cp, "Unhandled directive \"%s\"", name); return IB_EINVAL; } rc = ib_context_set_num(ctx, pname, onoff); if (rc != IB_OK) { ib_cfg_log_error(cp, "Failed to set \"%s\" to %s for \"%s\": %s", pname, onoff ? "true" : "false", name, ib_status_to_string(rc)); } return IB_OK; }
static ib_status_t modbinradix_init(ib_engine_t *ib, ib_module_t *m, void *cbdata) { IB_FTRACE_INIT(); ib_status_t rc; /* Register as a matcher provider. */ rc = ib_provider_register(ib, IB_PROVIDER_TYPE_MATCHER, MODULE_NAME_STR, NULL, &modbinradix_matcher_iface, modbinradix_provider_instance_init); if (rc != IB_OK) { ib_log_error(ib, MODULE_NAME_STR ": Error registering ac matcher provider: " "%s", ib_status_to_string(rc)); IB_FTRACE_RET_STATUS(IB_OK); } ib_log_debug(ib, "AC Status: compiled=\"%d.%d %s\" BinRadix Matcher" " registered", AC_MAJOR, AC_MINOR, IB_XSTRINGIFY(AC_DATE)); IB_FTRACE_RET_STATUS(IB_OK); }
ib_status_t ibpp_caught_ib_exception( ib_engine_t* engine, ib_status_t status, const error& e ) { std::string message; int level = 1; message = std::string(ib_status_to_string(status)) + ":"; if (boost::get_error_info<errinfo_what>(e)) { message += *boost::get_error_info<errinfo_what>(e); } else { message += "IronBee++ Exception but no explanation provided. " "Please report as bug."; } if (boost::get_error_info<errinfo_level>(e)) { level = *boost::get_error_info<errinfo_level>(e); } if (engine) { ib_log(engine, level, "%s", message.c_str()); ib_log_debug(engine, "%s", diagnostic_information(e).c_str() ); } else { ib_util_log_error("%s", message.c_str()); ib_util_log_debug("%s", diagnostic_information(e).c_str() ); } return status; }
/** * Handle request_header events for user agent extraction. * * Extract the "request_headers" field (a list) from the transactions's * data provider instance, then loop through the list, looking for the * "User-Agent" field. If found, the value is parsed and used to update the * connection object fields. * * @param[in] ib IronBee object * @param[in,out] tx Transaction. * @param[in] event Event type * @param[in] data Callback data (not used) * * @returns Status code */ static ib_status_t modua_user_agent(ib_engine_t *ib, ib_tx_t *tx, ib_state_event_type_t event, void *data) { assert(ib != NULL); assert(tx != NULL); assert(tx->data != NULL); assert(event == request_header_finished_event); ib_field_t *req_agent = NULL; ib_status_t rc = IB_OK; const ib_list_t *bs_list; const ib_bytestr_t *bs; /* Extract the User-Agent header field from the provider instance */ rc = ib_data_get(tx->data, "request_headers:User-Agent", &req_agent); if ( (req_agent == NULL) || (rc != IB_OK) ) { ib_log_debug_tx(tx, "request_header_finished_event: No user agent"); return IB_OK; } if (req_agent->type != IB_FTYPE_LIST) { ib_log_error_tx(tx, "Expected request_headers:User-Agent to " "return list of values."); return IB_EINVAL; } rc = ib_field_value_type(req_agent, ib_ftype_list_out(&bs_list), IB_FTYPE_LIST); if (rc != IB_OK) { ib_log_error_tx(tx, "Cannot retrieve request_headers:User-Agent: %d", rc); return rc; } if (IB_LIST_ELEMENTS(bs_list) == 0) { ib_log_debug_tx(tx, "request_header_finished_event: No user agent"); return IB_OK; } req_agent = (ib_field_t *)IB_LIST_NODE_DATA(IB_LIST_LAST(bs_list)); /* Found it: copy the data into a newly allocated string buffer */ rc = ib_field_value_type(req_agent, ib_ftype_bytestr_out(&bs), IB_FTYPE_BYTESTR); if (rc != IB_OK) { ib_log_error_tx(tx, "Request user agent is not a BYTESTR: %s", ib_status_to_string(rc)); return rc; } /* Finally, split it up & store the components */ rc = modua_agent_fields(ib, tx, bs); return rc; }
static ib_status_t modpcre_init(ib_engine_t *ib, ib_module_t *m, void *cbdata) { IB_FTRACE_INIT(); ib_status_t rc; /* Register as a matcher provider. */ rc = ib_provider_register(ib, IB_PROVIDER_TYPE_MATCHER, MODULE_NAME_STR, NULL, &modpcre_matcher_iface, NULL); if (rc != IB_OK) { ib_log_error(ib, MODULE_NAME_STR ": Error registering pcre matcher provider: " "%s", ib_status_to_string(rc)); IB_FTRACE_RET_STATUS(IB_OK); } ib_log_debug(ib,"PCRE Status: compiled=\"%d.%d %s\" loaded=\"%s\"", PCRE_MAJOR, PCRE_MINOR, IB_XSTRINGIFY(PCRE_DATE), pcre_version()); /* Register operators. */ ib_operator_register(ib, "pcre", (IB_OP_FLAG_PHASE | IB_OP_FLAG_CAPTURE), pcre_operator_create, NULL, pcre_operator_destroy, NULL, pcre_operator_execute, NULL); /* An alias of pcre. The same callbacks are registered. */ ib_operator_register(ib, "rx", (IB_OP_FLAG_PHASE | IB_OP_FLAG_CAPTURE), pcre_operator_create, NULL, pcre_operator_destroy, NULL, pcre_operator_execute, NULL); /* Register a pcre operator that uses pcre_dfa_exec to match streams. */ ib_operator_register(ib, "dfa", (IB_OP_FLAG_PHASE | IB_OP_FLAG_STREAM), dfa_operator_create, NULL, dfa_operator_destroy, NULL, dfa_operator_execute, NULL); IB_FTRACE_RET_STATUS(IB_OK); }
/** * Initialize the IronBee ATS plugin. * * Performs initializations required by ATS. * * @param[in] argc Command-line argument count * @param[in] argv Command-line argument list */ static void *ibinit(void *x) { TSCont cont = x; ib_status_t rc; rc = ironbee_init(&module_data); if (rc != IB_OK) { TSError("[ironbee] initialization failed: %s", ib_status_to_string(rc)); goto Lerror; } /* connection initialization & cleanup */ TSHttpHookAdd(TS_HTTP_SSN_START_HOOK, cont); /* now all's up and running, flag it to our READ_REQUEST_HDR hook */ TSContDataSet(cont, &module_data); /* Register our continuation for management update for traffic_line -x * Note that this requires Trafficserver 3.3.5 or later, or else * apply the patch from bug TS-2036 */ TSMgmtUpdateRegister(cont, "ironbee"); return NULL; Lerror: TSError("[ironbee] Unable to initialize plugin (disabled)."); return NULL; }
static void core_gen_tx_bytestr_alias2( ib_tx_t *tx, const char *name, const char *val, size_t val_length ) { assert(tx != NULL); assert(name != NULL); assert(val != NULL); ib_status_t rc; ib_bytestr_t *bytestr; rc = ib_bytestr_alias_mem( &bytestr, tx->mp, (const uint8_t *)val, val_length ); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed to create alias for \"%s\" var: %s", name, ib_status_to_string(rc)); return; } core_gen_tx_bytestr_alias(tx, name, bytestr); }
static void core_gen_tx_bytestr_alias(ib_tx_t *tx, const char *name, ib_bytestr_t *val) { assert(tx != NULL); assert(name != NULL); assert(val != NULL); ib_field_t *f; ib_var_source_t *source; ib_status_t rc; rc = ib_field_create_no_copy( &f, tx->mp, name, strlen(name), IB_FTYPE_BYTESTR, val ); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed to create \"%s\" var: %s", name, ib_status_to_string(rc)); return; } rc = ib_var_source_acquire( &source, tx->mp, ib_var_store_config(tx->var_store), name, strlen(name) ); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed to acquire \"%s\" var: %s", name, ib_status_to_string(rc)); return; } rc = ib_var_source_set(source, tx->var_store, f); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed add \"%s\" var to transaction: %s", name, ib_status_to_string(rc) ); } }
/** * Create an instance of the @c ee_match_any operator. * * Looks up the automata name and adds the automata to the operator instance. * * @param[in] ctx Current context. * @param[in] parameters Automata name. * @param[out] instance_data Instance data. * @param[in] cbdata Callback data. */ static ib_status_t ee_match_any_operator_create( ib_context_t *ctx, const char *parameters, void *instance_data, void *cbdata ) { assert(ctx != NULL); assert(parameters != NULL); assert(instance_data != NULL); ib_status_t rc; ia_eudoxus_t* eudoxus; ee_operator_data_t *operator_data; ib_module_t *module; ib_engine_t *ib = ib_context_get_engine(ctx); ib_mpool_t *pool = ib_context_get_mpool(ctx); const ee_config_t *config = ee_get_config(ib); const ib_hash_t *eudoxus_pattern_hash; assert(config != NULL); assert(config->eudoxus_pattern_hash != NULL); /* Get my module object */ rc = ib_engine_module_get(ib, MODULE_NAME_STR, &module); if (rc != IB_OK) { ib_log_error(ib, "Failed to get eudoxus operator module object: %s", ib_status_to_string(rc)); return rc; } /* Allocate a rule data object, populate it */ operator_data = ib_mpool_alloc(pool, sizeof(*operator_data)); if (operator_data == NULL) { return IB_EALLOC; } eudoxus_pattern_hash = config->eudoxus_pattern_hash; rc = ib_hash_get(eudoxus_pattern_hash, &eudoxus, parameters); if (rc == IB_ENOENT ) { ib_log_error(ib, MODULE_NAME_STR ": No eudoxus automata named %s found.", parameters); return rc; } else if (rc != IB_OK) { ib_log_error(ib, MODULE_NAME_STR ": Error setting up eudoxus automata operator."); return rc; } operator_data->eudoxus = eudoxus; *(ee_operator_data_t **)instance_data = operator_data; ib_log_debug(ib, "Found compiled eudoxus pattern \"%s\"", parameters); return IB_OK; }
/** * Perf Event Start Event Callback. * * On a connection started event we register connection * counters for the connection. * * @param[in] ib IronBee object. * @param[in] event Event type. * @param[in] connp Connection object. * @param[in] cbdata Callback data: actually an perf_info_t describing the * event. */ static ib_status_t mod_perf_stats_reg_conn_counter( ib_engine_t *ib, ib_state_event_type_t event_type, ib_conn_t *connp, void *cbdata ) { IB_FTRACE_INIT(); perf_info_t *perf_info; event_info_t *eventp = (event_info_t *)cbdata; int cevent = eventp->number; int rc; int event; perf_info = ib_mpool_alloc(connp->mp, sizeof(*perf_info) * IB_STATE_EVENT_NUM); for (event = 0; event < IB_STATE_EVENT_NUM; ++event) { if ((eventp->cbdata_type == IB_CBDATA_NONE) || (eventp->cbdata_type == IB_CBDATA_CONN_DATA_T)) { ib_log_error(ib, "Cannot collect stats for:%d name:%s cbdata_type: %d", eventp->number, eventp->name, eventp->cbdata_type); } else { perf_info_t *perfp = &perf_info[event]; /* Does this event match conn_started_event? * If so we should init counters for this event. */ if (event == cevent) { perfp->call_cnt = 1; perfp->start_usec = ib_clock_get_time(); } else { perfp->call_cnt = 0; perfp->start_usec = 0; } /* Setup other defaults */ perfp->number = event; perfp->name = ib_state_event_name((ib_state_event_type_t)event); perfp->cbdata_type = ib_state_event_cbdata_type(event); perfp->max_usec = 0; perfp->total_usec = 0; perfp->stop_usec = 0; ib_log_debug(ib, "Perf callback registered %s (%d) (%d)", perfp->name, perfp->number, perfp->cbdata_type); } } rc = ib_hash_set(connp->data, "MOD_PERF_STATS" ,perf_info); if (rc != IB_OK) { ib_log_debug(ib, "Failed to store perf stats in connection data: %s", ib_status_to_string(rc)); IB_FTRACE_RET_STATUS(rc); } IB_FTRACE_RET_STATUS(IB_OK); }
/** * Called to initialize the user agent module (when the module is loaded). * * Registers a handler for the request_header_finished_event event. * * @param[in,out] ib IronBee object * @param[in] m Module object * @param[in] cbdata (unused) * * @returns Status code */ static ib_status_t modua_init(ib_engine_t *ib, ib_module_t *m, void *cbdata) { IB_FTRACE_INIT(); ib_status_t rc; modua_match_rule_t *failed_rule; unsigned int failed_frule_num; /* Register the user agent callback */ rc = ib_hook_tx_register(ib, request_header_finished_event, modua_user_agent, NULL); if (rc != IB_OK) { ib_log_error(ib, "Hook register returned %s", ib_status_to_string(rc)); } /* Register the remote address callback */ rc = ib_hook_tx_register(ib, request_header_finished_event, modua_remoteip, NULL); if (rc != IB_OK) { ib_log_error(ib, "Hook register returned %s", ib_status_to_string(rc)); } /* Initializations */ rc = modua_ruleset_init(&failed_rule, &failed_frule_num); if (rc != IB_OK) { ib_log_error(ib, "User agent rule initialization failed" " on rule %s field rule #%d: %s", failed_rule->label, failed_frule_num, ib_status_to_string(rc)); } /* Get the rules */ modua_match_ruleset = modua_ruleset_get( ); if (modua_match_ruleset == NULL) { ib_log_error(ib, "Failed to get user agent rule list: %s", ib_status_to_string(rc)); IB_FTRACE_RET_STATUS(rc); } ib_log_debug(ib, "Found %d match rules", modua_match_ruleset->num_rules); IB_FTRACE_RET_STATUS(IB_OK); }
static void core_gen_tx_numeric(ib_tx_t *tx, const char *name, ib_num_t val) { assert(tx != NULL); assert(name != NULL); ib_field_t *f; ib_num_t num = val; ib_status_t rc; ib_var_source_t *source; rc = ib_field_create(&f, tx->mp, name, strlen(name), IB_FTYPE_NUM, &num); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed to create \"%s\" field: %s", name, ib_status_to_string(rc)); return; } rc = ib_var_source_acquire( &source, tx->mp, ib_var_store_config(tx->var_store), name, strlen(name) ); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed to acquire \"%s\" var: %s", name, ib_status_to_string(rc)); return; } rc = ib_var_source_set(source, tx->var_store, f); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed add \"%s\" var to transaction: %s", name, ib_status_to_string(rc) ); } }
/** * Store a field in the agent list * * Creates a new field and adds it to the agent list field list. * * @param[in] ib IronBee object * @param[in,out] mp Memory pool to allocate from * @param[in] agent_list Field to add the field to * @param[in] name Field name * @param[in] value Field value * * @returns Status code */ static ib_status_t modua_store_field(ib_engine_t *ib, ib_mpool_t *mp, ib_field_t *agent_list, const char *name, const char *value) { IB_FTRACE_INIT(); ib_field_t *tmp_field = NULL; ib_status_t rc = IB_OK; /* No value? Do nothing */ if (value == NULL) { ib_log_debug3(ib, "No %s field in user agent", name); IB_FTRACE_RET_STATUS(IB_OK); } /* Create the field */ rc = ib_field_create( &tmp_field, mp, IB_FIELD_NAME(name), IB_FTYPE_NULSTR, ib_ftype_nulstr_in(value) ); if (rc != IB_OK) { ib_log_alert(ib, "Error creating user agent %s field: %s", name, ib_status_to_string(rc)); IB_FTRACE_RET_STATUS(rc); } /* Add the field to the list */ rc = ib_field_list_add(agent_list, tmp_field); if (rc != IB_OK) { ib_log_alert(ib, "Error adding user agent %s field: %s", name, ib_status_to_string(rc)); IB_FTRACE_RET_STATUS(rc); } ib_log_debug3(ib, "Stored user agent %s '%s'", name, value); IB_FTRACE_RET_STATUS(IB_OK); }
/** * Eudoxus first match callback function. Called when a match occurs. * * Always returns IA_EUDOXUS_CMD_STOP to stop matching (unless an * error occurs). If capture is enabled the matched text will be stored in the * capture variable. * * @param[in] engine Eudoxus engine. * @param[in] output Output defined by automata. * @param[in] output_length Length of output. * @param[in] input Current location in the input (first character * after the match). * @param[in,out] cbdata Pointer to the ee_callback_data_t instance we are * handling. This is needed for handling capture * of the match. * @return IA_EUDOXUS_CMD_ERROR on error, IA_EUDOXUS_CMD_STOP otherwise. */ static ia_eudoxus_command_t ee_first_match_callback(ia_eudoxus_t* engine, const char *output, size_t output_length, const uint8_t *input, void *cbdata) { assert(cbdata != NULL); assert(output != NULL); ib_status_t rc; uint32_t match_len; const ee_callback_data_t *ee_cbdata = cbdata; ib_tx_t *tx = ee_cbdata->tx; ib_field_t *capture = ee_cbdata->capture; ib_bytestr_t *bs; ib_field_t *field; const char *name; assert(tx != NULL); if (capture != NULL) { if (output_length != sizeof(uint32_t)) { return IA_EUDOXUS_CMD_ERROR; } match_len = *(uint32_t *)(output); rc = ib_capture_clear(capture); if (rc != IB_OK) { ib_log_error_tx(tx, "Error clearing captures: %s", ib_status_to_string(rc)); return IA_EUDOXUS_CMD_ERROR; } /* Create a byte-string representation */ rc = ib_bytestr_dup_mem(&bs, tx->mp, (input - match_len), match_len); if (rc != IB_OK) { return IA_EUDOXUS_CMD_ERROR; } name = ib_capture_name(0); rc = ib_field_create(&field, tx->mp, name, strlen(name), IB_FTYPE_BYTESTR, ib_ftype_bytestr_in(bs)); if (rc != IB_OK) { return IA_EUDOXUS_CMD_ERROR; } rc = ib_capture_set_item(capture, 0, tx->mp, field); if (rc != IB_OK) { return IA_EUDOXUS_CMD_ERROR; } } return IA_EUDOXUS_CMD_STOP; }
void RunTest(int line, const char *s, ib_status_t estatus) { ib_status_t rc; ib_float_t result; rc = ::ib_string_to_float(s, &result); EXPECT_EQ(rc, estatus) << "Line " << line << ": Conversion of '" << s << "'" << " failed; rc=" << rc << " (" << ib_status_to_string(rc) << ")"; }
static void ironbee_plugin_mgmt_update(TSCont contp) { assert(contp != NULL); TSDebug("ironbee", "Management update"); ib_status_t rc; rc = tsib_manager_engine_create(); if (rc != IB_OK) { TSError("[ironbee] Error creating new engine: %s", ib_status_to_string(rc)); } }
/** * Get or create an ib_hash_t inside of @c tx for storing dfa rule data. * * The hash is stored at the key @c HASH_NAME_STR. * * @param[in] m PCRE module. * @param[in] tx The transaction containing @c tx->data which holds * the @a operator_data object. * @param[out] hash The fetched or created rule data hash. This is set * to NULL on failure. * * @return * - IB_OK on success. * - IB_EALLOC on allocation failure */ static ib_status_t get_or_create_operator_data_hash( const ib_module_t *m, ib_tx_t *tx, ib_hash_t **hash ) { assert(tx); assert(tx->mp); ib_status_t rc; /* Get or create the hash that contains the rule data. */ rc = ib_tx_get_module_data(tx, m, hash); if ( (rc == IB_OK) && (*hash != NULL) ) { ib_log_debug2_tx(tx, "Found rule data hash in tx."); return IB_OK; } ib_log_debug2_tx(tx, "Rule data hash did not exist in tx."); rc = ib_hash_create(hash, tx->mp); if (rc != IB_OK) { ib_log_debug2_tx(tx, "Failed to create hash: %s", ib_status_to_string(rc)); return rc; } rc = ib_tx_set_module_data(tx, m, *hash); if (rc != IB_OK) { ib_log_debug2_tx(tx, "Failed to store hash: %s", ib_status_to_string(rc)); *hash = NULL; } ib_log_debug2_tx(tx, "Returning rule hash at %p.", *hash); return rc; }
void RunTest(int line, const char *s, int base, ib_status_t estatus) { ib_status_t rc; ib_num_t result; rc = ::ib_string_to_num(s, base, &result); EXPECT_EQ(rc, estatus) << "Line " << line << ": Conversion of '" << s << "' base10=" << base << " failed; rc=" << rc << " (" << ib_status_to_string(rc) << ")"; }
void ib_trace_status(const char *file, int line, const char *func, const char *msg, ib_status_t rc) { const char *sep = func?"() - ":""; const char *sep2 = msg?" ":""; fprintf(ib_trace_fh, "IronBee TRACE [%s:%d]: %s%s%s%s%s)\n", file, line, (func?func:""), sep, (msg?msg:""), sep2, ib_status_to_string(rc)); fflush(ib_trace_fh); }
ib_status_t ngxib_release_engine( ib_engine_t *engine, ngx_log_t *log ) { module_data_t *mod_data = &module_data; ib_status_t rc; assert(mod_data->manager != NULL); rc = ib_manager_engine_release(mod_data->manager, engine); if (rc != IB_OK) { ngx_log_error(NGX_LOG_ERR, log, 0, "Failed to release engine to manager: %s!", ib_status_to_string(rc)); } return rc; }
/** * Engine Manager Control Channel continuation. * * This polls and takes action on commands to IronBee. * * @param[in] contp Pointer to the continuation. * @param[in] event Event from ATS. Unused. * @param[in] edata Event data. Unused. * * @returns * - 0 On success. * - -1 On error. */ static int manager_ctl(TSCont contp, TSEvent event, void *edata) { module_data_t *mod_data = (module_data_t *)(TSContDataGet(contp)); if (ib_engine_manager_control_ready(mod_data->manager_ctl)) { ib_status_t rc; rc = ib_engine_manager_control_recv(mod_data->manager_ctl, false); if (rc != IB_EAGAIN && rc != IB_OK) { TSError("[ironbee] Error processing message: %s", ib_status_to_string(rc)); return -1; } } return 0; }
ib_status_t ngxib_acquire_engine( ib_engine_t **pengine, ngx_log_t *log ) { module_data_t *mod_data = &module_data; ib_status_t rc; /* No manager? Decline the request */ if (mod_data->manager == NULL) { ngx_log_error(NGX_LOG_ERR, log, 0, "acquire_engine: No manager!"); return IB_DECLINED; } rc = ib_manager_engine_acquire(mod_data->manager, pengine); if (rc != IB_OK) { ngx_log_error(NGX_LOG_ERR, log, 0, "Failed to acquire engine from manager: %s!", ib_status_to_string(rc)); } return rc; }
void RunTest(int line, const char *s, ib_float_t expected) { ib_status_t rc; ib_float_t result; rc = ::ib_string_to_float(s, &result); if (result != IB_OK) { EXPECT_EQ(rc, IB_OK) << "Line " << line << ": " << "Conversion of '" << s << "' failed; rc=" << rc << " (" << ib_status_to_string(rc) << ")"; } else { ib_num_t range = (ib_num_t)fabs(expected * 0.001); bool iseq = ( (result >= expected - range) && (result <= expected + range) ); EXPECT_TRUE(iseq) << "Line " << line << ": " << "Conversion of '" << s << "' expected value=" << expected << " result="<< result; } }
/** * Set the matches into the given field name as .0, .1, .2 ... .9. * * @param[in] ib The IronBee engine to log to. * @param[in] tx The transaction to store the values into (tx->dpi). * @param[in] field_name The field to populate with Regex matches. * @param[in] ovector The vector of integer pairs of matches from PCRE. * @param[in] matches The number of matches. * @param[in] subject The matched-against string data. * * @returns IB_OK or IB_EALLOC. */ static ib_status_t pcre_set_matches(ib_engine_t *ib, ib_tx_t *tx, int *ovector, int matches, const char *subject) { IB_FTRACE_INIT(); /* IronBee status. */ ib_status_t rc; /* Iterator. */ int i; rc = ib_data_capture_clear(tx); if (rc != IB_OK) { ib_log_error_tx(tx, "Error clearing captures: %s", ib_status_to_string(rc)); } /* We have a match! Now populate TX:0-9 in tx->dpi. */ ib_log_debug2_tx(tx, "REGEX populating %d matches", matches); for (i=0; i<matches; i++) { /* The length of the match. */ size_t match_len; /* The first character in the match. */ const char *match_start; /* Field name */ const char *name; /* Holder for a copy of the field value when creating a new field. */ ib_bytestr_t *bs; /* Field holder. */ ib_field_t *field; /* Readability. Mark the start and length of the string. */ match_start = subject+ovector[i*2]; match_len = ovector[i*2+1] - ovector[i*2]; /* If debugging this, copy the string value out and print it to the * log. This could be dangerous as there could be non-character * values in the match. */ ib_log_debug2_tx(tx, "REGEX Setting #%d=%.*s", i, (int)match_len, match_start); /* Create a byte-string representation */ rc = ib_bytestr_dup_mem(&bs, tx->mp, (const uint8_t*)match_start, match_len); if (rc != IB_OK) { IB_FTRACE_RET_STATUS(rc); } /* Create a field to hold the byte-string */ name = ib_data_capture_name(i); rc = ib_field_create(&field, tx->mp, name, strlen(name), IB_FTYPE_BYTESTR, ib_ftype_bytestr_in(bs)); if (rc != IB_OK) { IB_FTRACE_RET_STATUS(rc); } /* Add it to the capture collection */ rc = ib_data_capture_set_item(tx, i, field); if (rc != IB_OK) { IB_FTRACE_RET_STATUS(rc); } } IB_FTRACE_RET_STATUS(IB_OK); }