static ib_status_t core_slow_get(
ib_field_t **f,
ib_tx_t *tx,
const char *name
)
{
assert(f != NULL);
assert(tx != NULL);
assert(name != NULL);
ib_status_t rc;
ib_var_source_t *source;
ib_field_t *value = NULL;
rc = ib_var_source_acquire(
&source,
ib_var_store_pool(tx->var_store),
ib_var_store_config(tx->var_store),
name, strlen(name)
);
if (rc != IB_OK) {
return rc;
}
rc = ib_var_source_get(source, &value, tx->var_store);
if (rc != IB_OK) {
return rc;
}
if (value == NULL) {
return IB_EOTHER;
}
*f = value;
return IB_OK;
}
static bool core_vars_is_set(ib_tx_t *tx, const char *name)
{
assert(tx != NULL);
assert(name != NULL);
ib_status_t rc;
ib_var_source_t *source;
ib_field_t *f;
rc = ib_var_source_acquire(
&source,
ib_var_store_pool(tx->var_store),
ib_var_store_config(tx->var_store),
name, strlen(name)
);
if (rc != IB_OK) {
return false;
}
rc = ib_var_source_get(source, &f, tx->var_store);
if (rc == IB_ENOENT || ! f) {
return false;
}
return true;
}
static void core_vars_gen_list(ib_tx_t *tx, const char *name)
{
assert(tx != NULL);
assert(name != NULL);
ib_status_t rc;
ib_var_source_t *source;
rc = ib_var_source_acquire(
&source,
tx->mp,
ib_var_store_config(tx->var_store),
name, strlen(name)
);
if (rc != IB_OK) {
ib_log_warning_tx(tx, "Failed to acquire \"%s\" var: %s",
name, ib_status_to_string(rc));
return;
}
rc = ib_var_source_initialize(source, NULL, tx->var_store, IB_FTYPE_LIST);
if (rc != IB_OK) {
ib_log_warning_tx(tx,
"Failed add \"%s\" var to transaction: %s",
name, ib_status_to_string(rc)
);
}
}
static void core_gen_tx_bytestr_alias(ib_tx_t *tx,
const char *name,
ib_bytestr_t *val)
{
assert(tx != NULL);
assert(name != NULL);
assert(val != NULL);
ib_field_t *f;
ib_var_source_t *source;
ib_status_t rc;
rc = ib_field_create_no_copy(
&f,
tx->mp,
name, strlen(name),
IB_FTYPE_BYTESTR,
val
);
if (rc != IB_OK) {
ib_log_warning_tx(tx, "Failed to create \"%s\" var: %s",
name, ib_status_to_string(rc));
return;
}
rc = ib_var_source_acquire(
&source,
tx->mp,
ib_var_store_config(tx->var_store),
name, strlen(name)
);
if (rc != IB_OK) {
ib_log_warning_tx(tx, "Failed to acquire \"%s\" var: %s",
name, ib_status_to_string(rc));
return;
}
rc = ib_var_source_set(source, tx->var_store, f);
if (rc != IB_OK) {
ib_log_warning_tx(tx,
"Failed add \"%s\" var to transaction: %s",
name, ib_status_to_string(rc)
);
}
}
static void core_gen_tx_numeric(ib_tx_t *tx,
const char *name,
ib_num_t val)
{
assert(tx != NULL);
assert(name != NULL);
ib_field_t *f;
ib_num_t num = val;
ib_status_t rc;
ib_var_source_t *source;
rc = ib_field_create(&f, tx->mp,
name, strlen(name),
IB_FTYPE_NUM,
&num);
if (rc != IB_OK) {
ib_log_warning_tx(tx, "Failed to create \"%s\" field: %s",
name, ib_status_to_string(rc));
return;
}
rc = ib_var_source_acquire(
&source,
tx->mp,
ib_var_store_config(tx->var_store),
name, strlen(name)
);
if (rc != IB_OK) {
ib_log_warning_tx(tx, "Failed to acquire \"%s\" var: %s",
name, ib_status_to_string(rc));
return;
}
rc = ib_var_source_set(source, tx->var_store, f);
if (rc != IB_OK) {
ib_log_warning_tx(tx,
"Failed add \"%s\" var to transaction: %s",
name, ib_status_to_string(rc)
);
}
}
ib_status_t ib_capture_acquire(
const ib_tx_t *tx,
const char *collection_name,
ib_field_t **field
)
{
assert(tx != NULL);
assert(tx->var_store != NULL);
ib_status_t rc;
ib_var_source_t *source;
/* Look up the capture list */
collection_name = get_collection_name(collection_name);
// @todo Acquire source at configuration time.
rc = ib_var_source_acquire(&source,
tx->mm,
ib_engine_var_config_get(tx->ib),
collection_name, strlen(collection_name)
);
if (rc != IB_OK) {
return rc;
}
rc = ib_var_source_get(source, field, tx->var_store);
if (
rc == IB_ENOENT ||
(rc == IB_OK && (*field)->type != IB_FTYPE_LIST)
) {
rc = ib_var_source_initialize(
source,
field,
tx->var_store,
IB_FTYPE_LIST
);
}
if (rc != IB_OK) {
return rc;
}
return IB_OK;
}
static
ib_status_t core_vars_placeholder_bytestr(
ib_var_store_t *store,
const char *name
)
{
ib_status_t rc;
ib_var_source_t *source;
ib_field_t *f;
rc = ib_var_source_acquire(
&source,
ib_var_store_pool(store),
ib_var_store_config(store),
name, strlen(name)
);
if (rc != IB_OK) {
return rc;
}
rc = ib_field_create_bytestr_alias(
&f,
ib_var_store_pool(store),
name, strlen(name),
(uint8_t *)core_placeholder_value,
sizeof(core_placeholder_value)
);
if (rc != IB_OK) {
return rc;
}
rc = ib_var_source_set(
source,
store,
f
);
return rc;
}
/**
* Called at context close. Initialized user-agent target.
*
* @param[in] ib Engine
* @param[in] ctx Context
* @param[in] event Event triggering the callback
* @param[in] cbdata Callback data (module).
*
* @returns Status code
*/
static
ib_status_t modua_ctx_close(
ib_engine_t *ib,
ib_context_t *ctx,
ib_state_event_type_t event,
void *cbdata
)
{
ib_module_t *m = (ib_module_t *)cbdata;
if (ib_context_type(ctx) == IB_CTYPE_MAIN) {
modua_config_t *cfg;
ib_var_target_t *target;
ib_status_t rc;
rc = ib_context_module_config(ctx, m, &cfg);
if (rc != IB_OK) {
ib_log_error(ib, "Can't fetch configuration: %s",
ib_status_to_string(rc));
return rc;
}
rc = ib_var_target_acquire_from_string(
&target,
ib_engine_pool_main_get(ib),
ib_engine_var_config_get(ib),
IB_S2SL("request_headers:User-Agent"),
NULL, NULL
);
if (rc != IB_OK) {
ib_log_error(ib,
"Error acquiring target for User-Agent header: %s",
ib_status_to_string(rc));
return rc;
}
cfg->user_agent = target;
rc = ib_var_target_acquire_from_string(
&target,
ib_engine_pool_main_get(ib),
ib_engine_var_config_get(ib),
IB_S2SL("request_headers:X-Forwarded-For"),
NULL, NULL
);
if (rc != IB_OK) {
ib_log_error(ib,
"Error acquiring target for X-Forwarded-For header: %s",
ib_status_to_string(rc));
return rc;
}
cfg->forwarded_for = target;
rc = ib_var_source_acquire(
&(cfg->remote_addr),
ib_engine_pool_main_get(ib),
ib_engine_var_config_get(ib),
IB_S2SL("remote_addr")
);
if (rc != IB_OK) {
ib_log_error(ib,
"Error acquiring source for remote_addr"
" header: %s",
ib_status_to_string(rc));
return rc;
}
}
return IB_OK;
}
/**
* Parse the user agent header, splitting into component fields.
*
* Attempt to tokenize the user agent string passed in, storing the
* result in the DPI associated with the transaction.
*
* @param[in] ib IronBee object
* @param[in,out] tx Transaction object
* @param[in] bs Byte string containing the agent string
*
* @returns Status code
*/
static ib_status_t modua_agent_fields(ib_engine_t *ib,
ib_tx_t *tx,
const ib_bytestr_t *bs)
{
const modua_match_rule_t *rule = NULL;
ib_field_t *agent_list = NULL;
char *product = NULL;
char *platform = NULL;
char *extra = NULL;
char *agent;
char *buf;
size_t len;
ib_status_t rc;
ib_var_source_t *source;
/* Get the length of the byte string */
len = ib_bytestr_length(bs);
/* Allocate memory for a copy of the string to split up below. */
buf = (char *)ib_mpool_calloc(tx->mp, 1, len+1);
if (buf == NULL) {
ib_log_error_tx(tx,
"Failed to allocate %zd bytes for agent string",
len+1);
return IB_EALLOC;
}
/* Copy the string out */
memcpy(buf, ib_bytestr_const_ptr(bs), len);
buf[len] = '\0';
ib_log_debug_tx(tx, "Found user agent: '%s'", buf);
/* Copy the agent string */
agent = (char *)ib_mpool_strdup(tx->mp, buf);
if (agent == NULL) {
ib_log_error_tx(tx, "Failed to allocate copy of agent string");
return IB_EALLOC;
}
/* Parse the user agent string */
rc = modua_parse_uastring(buf, &product, &platform, &extra);
if (rc != IB_OK) {
ib_log_debug_tx(tx, "Failed to parse User Agent string '%s'", agent);
return IB_OK;
}
/* Categorize the parsed string */
rule = modua_match_cat_rules(product, platform, extra);
if (rule == NULL) {
ib_log_debug_tx(tx, "No rule matched" );
}
else {
ib_log_debug_tx(tx, "Matched to rule #%d / category '%s'",
rule->rule_num, rule->category );
}
/* Build a new list. */
rc = ib_var_source_acquire(
&source, tx->mp, ib_engine_var_config_get(ib), IB_S2SL("UA")
);
if (rc != IB_OK) {
ib_log_alert_tx(tx, "Unable to acquire source for UserAgent list.");
return rc;
}
rc = ib_var_source_initialize(
source, &agent_list, tx->var_store, IB_FTYPE_LIST
);
if (rc != IB_OK)
{
ib_log_alert_tx(tx, "Unable to add UserAgent list to DPI.");
return rc;
}
/* Store Agent */
rc = modua_store_field(ib, tx->mp, agent_list, "agent", agent);
if (rc != IB_OK) {
return rc;
}
/* Store product */
rc = modua_store_field(ib, tx->mp, agent_list, "PRODUCT", product);
if (rc != IB_OK) {
return rc;
}
/* Store Platform */
rc = modua_store_field(ib, tx->mp, agent_list, "OS", platform);
if (rc != IB_OK) {
return rc;
}
/* Store Extra */
rc = modua_store_field(ib, tx->mp, agent_list, "extra", extra);
if (rc != IB_OK) {
return rc;
}
/* Store Extra */
if (rule != NULL) {
rc = modua_store_field(ib, tx->mp, agent_list,
"category", rule->category);
}
else {
rc = modua_store_field(ib, tx->mp, agent_list, "category", NULL );
}
if (rc != IB_OK) {
return rc;
}
/* Done */
return IB_OK;
}
/**
* Create an alias list collection.
*
* @param ib Engine.
* @param tx Transaction.
* @param name Collection name
* @param header Header list to alias
*
* @returns Status code
*/
static ib_status_t create_header_alias_list(
ib_engine_t *ib,
ib_tx_t *tx,
const char *name,
ib_parsed_header_wrapper_t *header)
{
ib_field_t *f;
ib_list_t *header_list;
ib_status_t rc;
ib_parsed_name_value_pair_list_t *nvpair;
ib_var_source_t *source;
assert(ib != NULL);
assert(tx != NULL);
assert(name != NULL);
assert(header != NULL);
/* Create the list */
rc = ib_var_source_acquire(
&source,
ib_var_store_pool(tx->var_store),
ib_var_store_config(tx->var_store),
name, strlen(name)
);
if (rc != IB_OK) {
return rc;
}
rc = ib_var_source_get(source, &f, tx->var_store);
if (rc == IB_ENOENT || ! f) {
rc = ib_var_source_initialize(
source,
&f,
tx->var_store,
IB_FTYPE_LIST
);
if (rc != IB_OK) {
return rc;
}
}
rc = ib_field_mutable_value(f, ib_ftype_list_mutable_out(&header_list));
if (rc != IB_OK) {
return rc;
}
/* Loop through the list & alias everything */
for(nvpair = header->head; nvpair != NULL; nvpair = nvpair->next) {
assert(nvpair);
assert(nvpair->value);
ib_bytestr_t *bs = NULL;
if (ib_bytestr_ptr(nvpair->value) != NULL) {
rc = ib_bytestr_alias_mem(
&bs,
tx->mp,
ib_bytestr_ptr(nvpair->value),
ib_bytestr_length(nvpair->value)
);
}
else {
rc = ib_bytestr_dup_mem(&bs, tx->mp, (const uint8_t *)"", 0);
}
if (rc != IB_OK) {
ib_log_error_tx(
tx,
"Error creating bytestring of '%.*s' for %s: %s",
(int)ib_bytestr_length(nvpair->name),
(const char *)ib_bytestr_ptr(nvpair->name),
name,
ib_status_to_string(rc)
);
return rc;
}
/* Create a byte string field */
rc = ib_field_create(
&f,
tx->mp,
(const char *)ib_bytestr_const_ptr(nvpair->name),
ib_bytestr_length(nvpair->name),
IB_FTYPE_BYTESTR,
ib_ftype_bytestr_in(bs)
);
if (rc != IB_OK) {
ib_log_error_tx(tx,
"Error creating field of '%.*s' for %s: %s",
(int)ib_bytestr_length(nvpair->name),
(const char *)ib_bytestr_ptr(nvpair->name),
name,
ib_status_to_string(rc));
return rc;
}
/* Add the field to the list */
rc = ib_list_push(header_list, f);
if (rc != IB_OK) {
ib_log_error_tx(tx, "Error adding alias of '%.*s' to %s list: %s",
(int)ib_bytestr_length(nvpair->name),
(const char *)ib_bytestr_ptr(nvpair->name),
name,
ib_status_to_string(rc));
return rc;
}
}
return IB_OK;
}
