/**
* Create an instance of the @c ee_match_any operator.
*
* Looks up the automata name and adds the automata to the operator instance.
*
* @param[in] ctx Current context.
* @param[in] parameters Automata name.
* @param[out] instance_data Instance data.
* @param[in] cbdata Callback data.
*/
static
ib_status_t ee_match_any_operator_create(
ib_context_t *ctx,
const char *parameters,
void *instance_data,
void *cbdata
)
{
assert(ctx != NULL);
assert(parameters != NULL);
assert(instance_data != NULL);
ib_status_t rc;
ia_eudoxus_t* eudoxus;
ee_operator_data_t *operator_data;
ib_module_t *module;
ib_engine_t *ib = ib_context_get_engine(ctx);
ib_mpool_t *pool = ib_context_get_mpool(ctx);
const ee_config_t *config = ee_get_config(ib);
const ib_hash_t *eudoxus_pattern_hash;
assert(config != NULL);
assert(config->eudoxus_pattern_hash != NULL);
/* Get my module object */
rc = ib_engine_module_get(ib, MODULE_NAME_STR, &module);
if (rc != IB_OK) {
ib_log_error(ib, "Failed to get eudoxus operator module object: %s",
ib_status_to_string(rc));
return rc;
}
/* Allocate a rule data object, populate it */
operator_data = ib_mpool_alloc(pool, sizeof(*operator_data));
if (operator_data == NULL) {
return IB_EALLOC;
}
eudoxus_pattern_hash = config->eudoxus_pattern_hash;
rc = ib_hash_get(eudoxus_pattern_hash, &eudoxus, parameters);
if (rc == IB_ENOENT ) {
ib_log_error(ib,
MODULE_NAME_STR ": No eudoxus automata named %s found.",
parameters);
return rc;
}
else if (rc != IB_OK) {
ib_log_error(ib,
MODULE_NAME_STR ": Error setting up eudoxus automata operator.");
return rc;
}
operator_data->eudoxus = eudoxus;
*(ee_operator_data_t **)instance_data = operator_data;
ib_log_debug(ib, "Found compiled eudoxus pattern \"%s\"", parameters);
return IB_OK;
}
static
ib_status_t sqli_op_create(
ib_context_t *ctx,
ib_mm_t mm,
const char *parameters,
void *instance_data,
void *cbdata
)
{
ib_engine_t *ib = ib_context_get_engine(ctx);
ib_status_t rc;
ib_module_t *m = (ib_module_t *)cbdata;
const char *set_name;
size_t set_name_len;
const sqli_module_config_t *cfg = NULL;
const sqli_fingerprint_set_t *ps = NULL;
if (parameters == NULL) {
ib_log_error(ib, "Missing parameter for operator sqli");
return IB_EINVAL;
}
set_name = parameters;
set_name_len = strlen(parameters);
if (set_name[0] == '\'') {
++set_name;
--set_name_len;
}
if (set_name[set_name_len-1] == '\'') {
--set_name_len;
}
if (strncmp("default", set_name, set_name_len) == 0) {
*(const sqli_fingerprint_set_t **)instance_data = NULL;
return IB_OK;
}
rc = ib_context_module_config(ctx, m, &cfg);
assert(rc == IB_OK);
if (cfg->fingerprint_sets == NULL) {
rc = IB_ENOENT;
}
else {
rc = ib_hash_get_ex(cfg->fingerprint_sets, &ps, set_name, set_name_len);
}
if (rc == IB_ENOENT) {
ib_log_error(ib, "No such fingerprint set: %s", parameters);
return IB_EINVAL;
}
assert(rc == IB_OK);
assert(ps != NULL);
*(const sqli_fingerprint_set_t **)instance_data = ps;
return IB_OK;
}
Engine ConstContext::engine() const
{
return Engine(ib_context_get_engine(ib()));
}
/**
* Create the PCRE operator.
*
* @param[in] ctx Current context.
* @param[in] parameters Unparsed string with the parameters to
* initialize the operator instance.
* @param[out] instance_data Instance data.
* @param[in] cbdata Callback data.
*
* @returns IB_OK on success or IB_EALLOC on any other type of error.
*/
static
ib_status_t dfa_operator_create(
ib_context_t *ctx,
const char *parameters,
void *instance_data,
void *cbdata
)
{
assert(ctx != NULL);
assert(parameters != NULL);
assert(instance_data != NULL);
ib_engine_t *ib = ib_context_get_engine(ctx);
ib_mpool_t *pool = ib_context_get_mpool(ctx);
assert(ib != NULL);
assert(pool != NULL);
modpcre_cpat_data_t *cpdata;
modpcre_operator_data_t *operator_data;
ib_module_t *module;
modpcre_cfg_t *config;
ib_status_t rc;
const char *errptr;
int erroffset;
/* Get my module object */
rc = ib_engine_module_get(ib, MODULE_NAME_STR, &module);
if (rc != IB_OK) {
ib_log_error(ib, "Failed to get pcre module object: %s",
ib_status_to_string(rc));
return rc;
}
/* Get the context configuration */
rc = ib_context_module_config(ctx, module, &config);
if (rc != IB_OK) {
ib_log_error(ib, "Failed to get pcre module configuration: %s",
ib_status_to_string(rc));
return rc;
}
rc = pcre_compile_internal(ib,
pool,
config,
true,
&cpdata,
parameters,
&errptr,
&erroffset);
if (rc != IB_OK) {
ib_log_error(ib, "Failed to parse DFA operator pattern \"%s\":%s",
parameters, ib_status_to_string(rc));
return rc;
}
/* Allocate a rule data object, populate it */
operator_data = ib_mpool_alloc(pool, sizeof(*operator_data));
if (operator_data == NULL) {
return IB_EALLOC;
}
operator_data->cpdata = cpdata;
rc = dfa_id_set(pool, operator_data);
if (rc != IB_OK) {
ib_log_error(ib, "Error creating ID for DFA: %s",
ib_status_to_string(rc));
return rc;
}
ib_log_debug(ib, "Compiled DFA id=\"%s\" operator pattern \"%s\" @ %p",
operator_data->id, parameters, (void *)cpdata->cpatt);
*(modpcre_operator_data_t **)instance_data = operator_data;
return IB_OK;
}
/**
* Create the PCRE operator.
*
* @param[in] ctx Current context.
* @param[in] parameters Unparsed string with the parameters to
* initialize the operator instance.
* @param[out] instance_data Instance data.
* @param[in] cbdata Callback data.
*
* @returns IB_OK on success or IB_EALLOC on any other type of error.
*/
static
ib_status_t pcre_operator_create(
ib_context_t *ctx,
const char *parameters,
void *instance_data,
void *cbdata
)
{
assert(ctx != NULL);
assert(parameters != NULL);
assert(instance_data != NULL);
ib_engine_t *ib = ib_context_get_engine(ctx);
ib_mpool_t *pool = ib_context_get_mpool(ctx);
assert(ib != NULL);
assert(pool != NULL);
modpcre_cpat_data_t *cpdata = NULL;
modpcre_operator_data_t *operator_data = NULL;
ib_module_t *module;
modpcre_cfg_t *config;
ib_status_t rc;
const char *errptr;
int erroffset;
if (parameters == NULL) {
ib_log_error(ib, "No pattern for operator");
return IB_EINVAL;
}
/* Get my module object */
rc = ib_engine_module_get(ib, MODULE_NAME_STR, &module);
if (rc != IB_OK) {
ib_log_error(ib, "Failed to get pcre module object: %s",
ib_status_to_string(rc));
return rc;
}
/* Get the context configuration */
rc = ib_context_module_config(ctx, module, &config);
if (rc != IB_OK) {
ib_log_error(ib, "Failed to get pcre module configuration: %s",
ib_status_to_string(rc));
return rc;
}
/* Compile the pattern. Note that the rule data is an alias for
* the compiled pattern type */
rc = pcre_compile_internal(ib,
pool,
config,
false,
&cpdata,
parameters,
&errptr,
&erroffset);
if (rc != IB_OK) {
return rc;
}
/* Allocate a rule data object, populate it */
operator_data = ib_mpool_alloc(pool, sizeof(*operator_data));
if (operator_data == NULL) {
return IB_EALLOC;
}
operator_data->cpdata = cpdata;
operator_data->id = NULL; /* Not needed for rx rules */
/* Rule data is an alias for the compiled pattern data */
*(modpcre_operator_data_t **)instance_data = operator_data;
return rc;
}
static
ib_status_t sqli_dir_fingerprint_set(
ib_cfgparser_t *cp,
const char *directive_name,
const char *set_name,
const char *set_path,
void *cbdata
)
{
assert(cp != NULL);
assert(directive_name != NULL);
assert(set_name != NULL);
assert(set_path != NULL);
ib_status_t rc;
ib_context_t *ctx = NULL;
ib_module_t *m = NULL;
sqli_module_config_t *cfg = NULL;
sqli_fingerprint_set_t *ps = NULL;
ib_mm_t mm;
char *abs_set_path = NULL;
rc = ib_cfgparser_context_current(cp, &ctx);
assert(rc == IB_OK);
assert(ctx != NULL);
if (ctx != ib_context_main(cp->ib)) {
ib_cfg_log_error(cp,
"%s: Only valid at main context.", directive_name
);
return IB_EINVAL;
}
if (strcmp("default", set_name) == 0) {
ib_cfg_log_error(cp,
"%s: default is a reserved set name.", directive_name
);
return IB_EINVAL;
}
mm = ib_engine_mm_main_get(cp->ib);
rc = ib_engine_module_get(
ib_context_get_engine(ctx),
MODULE_NAME_STR,
&m
);
assert(rc == IB_OK);
rc = ib_context_module_config(ctx, m, &cfg);
assert(rc == IB_OK);
if (cfg->fingerprint_sets == NULL) {
rc = ib_hash_create(&cfg->fingerprint_sets, mm);
assert(rc == IB_OK);
}
assert(cfg->fingerprint_sets != NULL);
rc = ib_hash_get(cfg->fingerprint_sets, NULL, set_name);
if (rc == IB_OK) {
ib_cfg_log_error(cp,
"%s: Duplicate fingerprint set definition: %s",
directive_name, set_name
);
return IB_EINVAL;
}
assert(rc == IB_ENOENT);
abs_set_path = ib_util_relative_file(
ib_engine_mm_config_get(cp->ib),
ib_cfgparser_curr_file(cp),
set_path
);
if (abs_set_path == NULL) {
return IB_EALLOC;
}
rc = sqli_create_fingerprint_set_from_file(&ps, abs_set_path, mm);
if (rc != IB_OK) {
ib_cfg_log_error(cp,
"%s: Failure to load fingerprint set from file: %s",
directive_name, abs_set_path
);
return IB_EINVAL;
}
assert(ps != NULL);
rc = ib_hash_set(cfg->fingerprint_sets, ib_mm_strdup(mm, set_name), ps);
assert(rc == IB_OK);
return IB_OK;
}