static ib_status_t core_slow_get( ib_field_t **f, ib_tx_t *tx, const char *name ) { assert(f != NULL); assert(tx != NULL); assert(name != NULL); ib_status_t rc; ib_var_source_t *source; ib_field_t *value = NULL; rc = ib_var_source_acquire( &source, ib_var_store_pool(tx->var_store), ib_var_store_config(tx->var_store), name, strlen(name) ); if (rc != IB_OK) { return rc; } rc = ib_var_source_get(source, &value, tx->var_store); if (rc != IB_OK) { return rc; } if (value == NULL) { return IB_EOTHER; } *f = value; return IB_OK; }
static bool core_vars_is_set(ib_tx_t *tx, const char *name) { assert(tx != NULL); assert(name != NULL); ib_status_t rc; ib_var_source_t *source; ib_field_t *f; rc = ib_var_source_acquire( &source, ib_var_store_pool(tx->var_store), ib_var_store_config(tx->var_store), name, strlen(name) ); if (rc != IB_OK) { return false; } rc = ib_var_source_get(source, &f, tx->var_store); if (rc == IB_ENOENT || ! f) { return false; } return true; }
static void core_vars_gen_list(ib_tx_t *tx, const char *name) { assert(tx != NULL); assert(name != NULL); ib_status_t rc; ib_var_source_t *source; rc = ib_var_source_acquire( &source, tx->mp, ib_var_store_config(tx->var_store), name, strlen(name) ); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed to acquire \"%s\" var: %s", name, ib_status_to_string(rc)); return; } rc = ib_var_source_initialize(source, NULL, tx->var_store, IB_FTYPE_LIST); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed add \"%s\" var to transaction: %s", name, ib_status_to_string(rc) ); } }
static void core_gen_tx_bytestr_alias(ib_tx_t *tx, const char *name, ib_bytestr_t *val) { assert(tx != NULL); assert(name != NULL); assert(val != NULL); ib_field_t *f; ib_var_source_t *source; ib_status_t rc; rc = ib_field_create_no_copy( &f, tx->mp, name, strlen(name), IB_FTYPE_BYTESTR, val ); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed to create \"%s\" var: %s", name, ib_status_to_string(rc)); return; } rc = ib_var_source_acquire( &source, tx->mp, ib_var_store_config(tx->var_store), name, strlen(name) ); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed to acquire \"%s\" var: %s", name, ib_status_to_string(rc)); return; } rc = ib_var_source_set(source, tx->var_store, f); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed add \"%s\" var to transaction: %s", name, ib_status_to_string(rc) ); } }
static void core_gen_tx_numeric(ib_tx_t *tx, const char *name, ib_num_t val) { assert(tx != NULL); assert(name != NULL); ib_field_t *f; ib_num_t num = val; ib_status_t rc; ib_var_source_t *source; rc = ib_field_create(&f, tx->mp, name, strlen(name), IB_FTYPE_NUM, &num); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed to create \"%s\" field: %s", name, ib_status_to_string(rc)); return; } rc = ib_var_source_acquire( &source, tx->mp, ib_var_store_config(tx->var_store), name, strlen(name) ); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed to acquire \"%s\" var: %s", name, ib_status_to_string(rc)); return; } rc = ib_var_source_set(source, tx->var_store, f); if (rc != IB_OK) { ib_log_warning_tx(tx, "Failed add \"%s\" var to transaction: %s", name, ib_status_to_string(rc) ); } }
ib_status_t ib_capture_acquire( const ib_tx_t *tx, const char *collection_name, ib_field_t **field ) { assert(tx != NULL); assert(tx->var_store != NULL); ib_status_t rc; ib_var_source_t *source; /* Look up the capture list */ collection_name = get_collection_name(collection_name); // @todo Acquire source at configuration time. rc = ib_var_source_acquire(&source, tx->mm, ib_engine_var_config_get(tx->ib), collection_name, strlen(collection_name) ); if (rc != IB_OK) { return rc; } rc = ib_var_source_get(source, field, tx->var_store); if ( rc == IB_ENOENT || (rc == IB_OK && (*field)->type != IB_FTYPE_LIST) ) { rc = ib_var_source_initialize( source, field, tx->var_store, IB_FTYPE_LIST ); } if (rc != IB_OK) { return rc; } return IB_OK; }
static ib_status_t core_vars_placeholder_bytestr( ib_var_store_t *store, const char *name ) { ib_status_t rc; ib_var_source_t *source; ib_field_t *f; rc = ib_var_source_acquire( &source, ib_var_store_pool(store), ib_var_store_config(store), name, strlen(name) ); if (rc != IB_OK) { return rc; } rc = ib_field_create_bytestr_alias( &f, ib_var_store_pool(store), name, strlen(name), (uint8_t *)core_placeholder_value, sizeof(core_placeholder_value) ); if (rc != IB_OK) { return rc; } rc = ib_var_source_set( source, store, f ); return rc; }
/** * Called at context close. Initialized user-agent target. * * @param[in] ib Engine * @param[in] ctx Context * @param[in] event Event triggering the callback * @param[in] cbdata Callback data (module). * * @returns Status code */ static ib_status_t modua_ctx_close( ib_engine_t *ib, ib_context_t *ctx, ib_state_event_type_t event, void *cbdata ) { ib_module_t *m = (ib_module_t *)cbdata; if (ib_context_type(ctx) == IB_CTYPE_MAIN) { modua_config_t *cfg; ib_var_target_t *target; ib_status_t rc; rc = ib_context_module_config(ctx, m, &cfg); if (rc != IB_OK) { ib_log_error(ib, "Can't fetch configuration: %s", ib_status_to_string(rc)); return rc; } rc = ib_var_target_acquire_from_string( &target, ib_engine_pool_main_get(ib), ib_engine_var_config_get(ib), IB_S2SL("request_headers:User-Agent"), NULL, NULL ); if (rc != IB_OK) { ib_log_error(ib, "Error acquiring target for User-Agent header: %s", ib_status_to_string(rc)); return rc; } cfg->user_agent = target; rc = ib_var_target_acquire_from_string( &target, ib_engine_pool_main_get(ib), ib_engine_var_config_get(ib), IB_S2SL("request_headers:X-Forwarded-For"), NULL, NULL ); if (rc != IB_OK) { ib_log_error(ib, "Error acquiring target for X-Forwarded-For header: %s", ib_status_to_string(rc)); return rc; } cfg->forwarded_for = target; rc = ib_var_source_acquire( &(cfg->remote_addr), ib_engine_pool_main_get(ib), ib_engine_var_config_get(ib), IB_S2SL("remote_addr") ); if (rc != IB_OK) { ib_log_error(ib, "Error acquiring source for remote_addr" " header: %s", ib_status_to_string(rc)); return rc; } } return IB_OK; }
/** * Parse the user agent header, splitting into component fields. * * Attempt to tokenize the user agent string passed in, storing the * result in the DPI associated with the transaction. * * @param[in] ib IronBee object * @param[in,out] tx Transaction object * @param[in] bs Byte string containing the agent string * * @returns Status code */ static ib_status_t modua_agent_fields(ib_engine_t *ib, ib_tx_t *tx, const ib_bytestr_t *bs) { const modua_match_rule_t *rule = NULL; ib_field_t *agent_list = NULL; char *product = NULL; char *platform = NULL; char *extra = NULL; char *agent; char *buf; size_t len; ib_status_t rc; ib_var_source_t *source; /* Get the length of the byte string */ len = ib_bytestr_length(bs); /* Allocate memory for a copy of the string to split up below. */ buf = (char *)ib_mpool_calloc(tx->mp, 1, len+1); if (buf == NULL) { ib_log_error_tx(tx, "Failed to allocate %zd bytes for agent string", len+1); return IB_EALLOC; } /* Copy the string out */ memcpy(buf, ib_bytestr_const_ptr(bs), len); buf[len] = '\0'; ib_log_debug_tx(tx, "Found user agent: '%s'", buf); /* Copy the agent string */ agent = (char *)ib_mpool_strdup(tx->mp, buf); if (agent == NULL) { ib_log_error_tx(tx, "Failed to allocate copy of agent string"); return IB_EALLOC; } /* Parse the user agent string */ rc = modua_parse_uastring(buf, &product, &platform, &extra); if (rc != IB_OK) { ib_log_debug_tx(tx, "Failed to parse User Agent string '%s'", agent); return IB_OK; } /* Categorize the parsed string */ rule = modua_match_cat_rules(product, platform, extra); if (rule == NULL) { ib_log_debug_tx(tx, "No rule matched" ); } else { ib_log_debug_tx(tx, "Matched to rule #%d / category '%s'", rule->rule_num, rule->category ); } /* Build a new list. */ rc = ib_var_source_acquire( &source, tx->mp, ib_engine_var_config_get(ib), IB_S2SL("UA") ); if (rc != IB_OK) { ib_log_alert_tx(tx, "Unable to acquire source for UserAgent list."); return rc; } rc = ib_var_source_initialize( source, &agent_list, tx->var_store, IB_FTYPE_LIST ); if (rc != IB_OK) { ib_log_alert_tx(tx, "Unable to add UserAgent list to DPI."); return rc; } /* Store Agent */ rc = modua_store_field(ib, tx->mp, agent_list, "agent", agent); if (rc != IB_OK) { return rc; } /* Store product */ rc = modua_store_field(ib, tx->mp, agent_list, "PRODUCT", product); if (rc != IB_OK) { return rc; } /* Store Platform */ rc = modua_store_field(ib, tx->mp, agent_list, "OS", platform); if (rc != IB_OK) { return rc; } /* Store Extra */ rc = modua_store_field(ib, tx->mp, agent_list, "extra", extra); if (rc != IB_OK) { return rc; } /* Store Extra */ if (rule != NULL) { rc = modua_store_field(ib, tx->mp, agent_list, "category", rule->category); } else { rc = modua_store_field(ib, tx->mp, agent_list, "category", NULL ); } if (rc != IB_OK) { return rc; } /* Done */ return IB_OK; }
/** * Create an alias list collection. * * @param ib Engine. * @param tx Transaction. * @param name Collection name * @param header Header list to alias * * @returns Status code */ static ib_status_t create_header_alias_list( ib_engine_t *ib, ib_tx_t *tx, const char *name, ib_parsed_header_wrapper_t *header) { ib_field_t *f; ib_list_t *header_list; ib_status_t rc; ib_parsed_name_value_pair_list_t *nvpair; ib_var_source_t *source; assert(ib != NULL); assert(tx != NULL); assert(name != NULL); assert(header != NULL); /* Create the list */ rc = ib_var_source_acquire( &source, ib_var_store_pool(tx->var_store), ib_var_store_config(tx->var_store), name, strlen(name) ); if (rc != IB_OK) { return rc; } rc = ib_var_source_get(source, &f, tx->var_store); if (rc == IB_ENOENT || ! f) { rc = ib_var_source_initialize( source, &f, tx->var_store, IB_FTYPE_LIST ); if (rc != IB_OK) { return rc; } } rc = ib_field_mutable_value(f, ib_ftype_list_mutable_out(&header_list)); if (rc != IB_OK) { return rc; } /* Loop through the list & alias everything */ for(nvpair = header->head; nvpair != NULL; nvpair = nvpair->next) { assert(nvpair); assert(nvpair->value); ib_bytestr_t *bs = NULL; if (ib_bytestr_ptr(nvpair->value) != NULL) { rc = ib_bytestr_alias_mem( &bs, tx->mp, ib_bytestr_ptr(nvpair->value), ib_bytestr_length(nvpair->value) ); } else { rc = ib_bytestr_dup_mem(&bs, tx->mp, (const uint8_t *)"", 0); } if (rc != IB_OK) { ib_log_error_tx( tx, "Error creating bytestring of '%.*s' for %s: %s", (int)ib_bytestr_length(nvpair->name), (const char *)ib_bytestr_ptr(nvpair->name), name, ib_status_to_string(rc) ); return rc; } /* Create a byte string field */ rc = ib_field_create( &f, tx->mp, (const char *)ib_bytestr_const_ptr(nvpair->name), ib_bytestr_length(nvpair->name), IB_FTYPE_BYTESTR, ib_ftype_bytestr_in(bs) ); if (rc != IB_OK) { ib_log_error_tx(tx, "Error creating field of '%.*s' for %s: %s", (int)ib_bytestr_length(nvpair->name), (const char *)ib_bytestr_ptr(nvpair->name), name, ib_status_to_string(rc)); return rc; } /* Add the field to the list */ rc = ib_list_push(header_list, f); if (rc != IB_OK) { ib_log_error_tx(tx, "Error adding alias of '%.*s' to %s list: %s", (int)ib_bytestr_length(nvpair->name), (const char *)ib_bytestr_ptr(nvpair->name), name, ib_status_to_string(rc)); return rc; } } return IB_OK; }