📄 sf_dynamic_plugins.c
字号:
} else { if (plugin->prev) plugin->prev->next = plugin->next; if (plugin->next) plugin->next->prev = plugin->prev; } CloseDynamicLibrary(plugin->handle); free(plugin);}void AddPreprocessorPlugin(PluginHandle handle, InitPreprocessorLibFunc initFunc, DynamicPluginMeta *meta){ DynamicPreprocessorPlugin *newPlugin = NULL; newPlugin = (DynamicPreprocessorPlugin *)SnortAlloc(sizeof(DynamicPreprocessorPlugin)); newPlugin->handle = handle; if (!loadedPreprocessorPlugins) { loadedPreprocessorPlugins = newPlugin; } else { newPlugin->next = loadedPreprocessorPlugins; loadedPreprocessorPlugins->prev = newPlugin; loadedPreprocessorPlugins = newPlugin; } memcpy(&(newPlugin->metaData), meta, sizeof(DynamicPluginMeta)); newPlugin->metaData.libraryPath = strdup(meta->libraryPath); newPlugin->initFunc = initFunc;}void AddDetectionPlugin(PluginHandle handle, InitDetectionLibFunc initFunc, DynamicPluginMeta *meta){ DynamicDetectionPlugin *newPlugin = NULL; newPlugin = (DynamicDetectionPlugin *)SnortAlloc(sizeof(DynamicDetectionPlugin)); newPlugin->handle = handle; if (!loadedDetectionPlugins) { loadedDetectionPlugins = newPlugin; } else { newPlugin->next = loadedDetectionPlugins; loadedDetectionPlugins->prev = newPlugin; loadedDetectionPlugins = newPlugin; } memcpy(&(newPlugin->metaData), meta, sizeof(DynamicPluginMeta)); newPlugin->metaData.libraryPath = strdup(meta->libraryPath); newPlugin->initFunc = initFunc;}void RemoveDetectionPlugin(DynamicDetectionPlugin *plugin){ if (!plugin) return; if (plugin == loadedDetectionPlugins) { loadedDetectionPlugins = loadedDetectionPlugins->next; loadedDetectionPlugins->prev = NULL; } else { if (plugin->prev) plugin->prev->next = plugin->next; if (plugin->next) plugin->next->prev = plugin->prev; } LogMessage("Unloading dynamic detection library %s version %d.%d.%d\n", plugin->metaData.uniqueName, plugin->metaData.major, plugin->metaData.minor, plugin->metaData.build); CloseDynamicLibrary(plugin->handle); free(plugin);}int LoadDynamicDetectionLib(char *library_name, int indent){ DynamicPluginMeta metaData; /* Presume here, that library name is full path */ InitDetectionLibFunc detectionInit; PluginHandle handle;#ifdef SUP_IP6 LogMessage("%sDynamic detection library \"%s\" will not be loaded. Not " "supported with IPv6.\n", indent ? " " : "", library_name); return 0;#endif LogMessage("%sLoading dynamic detection library %s... ", indent ? " " : "", library_name); handle = openDynamicLibrary(library_name, 0); metaData.libraryPath = library_name; GetPluginVersion(handle, &metaData); /* Just to ensure that the function exists */ detectionInit = (InitDetectionLibFunc)getSymbol(handle, "InitializeDetection", &metaData, FATAL); if (!(metaData.type & TYPE_DETECTION)) { CloseDynamicLibrary(handle); LogMessage("failed, not a detection library\n"); return 0; } if (metaData.type & TYPE_ENGINE) { /* Do the engine initialization as well */ InitEngineLibFunc engineInit = (InitEngineLibFunc)getSymbol(handle, "InitializeEngine", &metaData, FATAL); AddEnginePlugin(handle, engineInit, &metaData); } AddDetectionPlugin(handle, detectionInit, &metaData); LogMessage("done\n"); return 0;}void CloseDynamicDetectionLibs(){ DynamicDetectionPlugin *plugin = loadedDetectionPlugins; while (plugin) { CloseDynamicLibrary(plugin->handle); plugin = plugin->next; }}void LoadAllDynamicDetectionLibs(char *path){ LogMessage("Loading all dynamic detection libs from %s...\n", path); LoadAllLibs(path, LoadDynamicDetectionLib); LogMessage(" Finished Loading all dynamic detection libs from %s\n", path);}void LoadAllDynamicDetectionLibsCurrPath(){ char path_buf[PATH_MAX]; char *ret = NULL; ret = getcwd(path_buf, PATH_MAX); if (ret == NULL) { FatalError("Path to current working directory longer than %d bytes: %s\n" "Could not load dynamic detection libs\n", PATH_MAX, strerror(errno)); } LoadAllDynamicDetectionLibs(path_buf);}void RemoveDuplicateEngines(){ int removed = 0; DynamicEnginePlugin *engine1; DynamicEnginePlugin *engine2; DynamicPluginMeta *meta1; DynamicPluginMeta *meta2; /* First the Detection Engines */ do { removed = 0; engine1 = loadedEngines; while (engine1 != NULL) { engine2 = loadedEngines; while (engine2 != NULL) { /* Obviously, the same ones will be the same */ if (engine1 != engine2) { meta1 = &engine1->metaData; meta2 = &engine2->metaData; if (!strcmp(meta1->uniqueName, meta2->uniqueName)) { /* Uh, same uniqueName. */ if ((meta1->major > meta2->major) || ((meta1->major == meta2->major) && (meta1->minor > meta2->minor)) || ((meta1->major == meta2->major) && (meta1->minor == meta2->minor) && (meta1->build > meta2->build)) ) { /* Lib1 is newer */ RemoveEnginePlugin(engine2); removed = 1; break; } else if ((meta2->major > meta1->major) || ((meta2->major == meta1->major) && (meta2->minor > meta1->minor)) || ((meta2->major == meta1->major) && (meta2->minor == meta1->minor) && (meta2->build > meta1->build)) ) { /* Lib2 is newer */ RemoveEnginePlugin(engine1); removed = 1; break; } else if ((meta1->major == meta2->major) && (meta1->minor == meta2->minor) && (meta1->build == meta2->build) ) { /* Duplicate */ RemoveEnginePlugin(engine2); removed = 1; break; } } } /* If we removed anything, start back at the beginning */ if (removed) break; engine2 = engine2->next; } /* If we removed anything, start back at the beginning */ if (removed) break; engine1 = engine1->next; } } while (removed);}void RemoveDuplicateDetectionPlugins(){ int removed = 0; DynamicDetectionPlugin *lib1 = NULL; DynamicDetectionPlugin *lib2 = NULL; DynamicPluginMeta *meta1; DynamicPluginMeta *meta2; /* Detection Plugins */ do { removed = 0; lib1 = loadedDetectionPlugins; while (lib1 != NULL) { lib2 = loadedDetectionPlugins; while (lib2 != NULL) { /* Obviously, the same ones will be the same */ if (lib1 != lib2) { meta1 = &lib1->metaData; meta2 = &lib2->metaData; if (!strcmp(meta1->uniqueName, meta2->uniqueName)) { /* Uh, same uniqueName. */ if ((meta1->major > meta2->major) || ((meta1->major == meta2->major) && (meta1->minor > meta2->minor)) || ((meta1->major == meta2->major) && (meta1->minor == meta2->minor) && (meta1->build > meta2->build)) ) { /* Lib1 is newer */ RemoveDetectionPlugin(lib2); removed = 1; break; } else if ((meta2->major > meta1->major) || ((meta2->major == meta1->major) && (meta2->minor > meta1->minor)) || ((meta2->major == meta1->major) && (meta2->minor == meta1->minor) && (meta2->build > meta1->build)) ) { /* Lib2 is newer */ RemoveDetectionPlugin(lib1); removed = 1; break; } else if ((meta1->major == meta2->major) && (meta1->minor == meta2->minor) && (meta1->build == meta2->build) ) { /* Duplicate */ RemoveDetectionPlugin(lib2); removed = 1; break; } } } /* If we removed anything, start back at the beginning */ if (removed) break; lib2 = lib2->next; } /* If we removed anything, start back at the beginning */ if (removed) break; lib1 = lib1->next; } } while (removed);}void RemoveDuplicatePreprocessorPlugins(){ int removed = 0; DynamicPreprocessorPlugin *pp1 = NULL; DynamicPreprocessorPlugin *pp2 = NULL; DynamicPluginMeta *meta1; DynamicPluginMeta *meta2; /* The Preprocessor Plugins */ do { removed = 0; pp1 = loadedPreprocessorPlugins; while (pp1 != NULL) { pp2 = loadedPreprocessorPlugins; while (pp2 != NULL) { /* Obviously, the same ones will be the same */ if (pp1 != pp2) { meta1 = &pp1->metaData; meta2 = &pp2->metaData; if (!strcmp(meta1->uniqueName, meta2->uniqueName)) { /* Uh, same uniqueName. */ if ((meta1->major > meta2->major) || ((meta1->major == meta2->major) && (meta1->minor > meta2->minor)) || ((meta1->major == meta2->major) && (meta1->minor == meta2->minor) && (meta1->build > meta2->build)) ) { /* Lib1 is newer */ RemovePreprocessorPlugin(pp2); removed = 1; break; } else if ((meta2->major > meta1->major) || ((meta2->major == meta1->major) && (meta2->minor > meta1->minor)) || ((meta2->major == meta1->major) && (meta2->minor == meta1->minor) && (meta2->build > meta1->build)) ) { /* Lib2 is newer */ RemovePreprocessorPlugin(pp1); removed = 1; break; } else if ((meta1->major == meta2->major) && (meta1->minor == meta2->minor) && (meta1->build == meta2->build) ) { /* Duplicate */ RemovePreprocessorPlugin(pp2); removed = 1; break; } } } /* If we removed anything, start back at the beginning */ if (removed) break; pp2 = pp2->next; } /* If we removed anything, start back at the beginning */ if (removed) break; pp1 = pp1->next; } } while (removed);}void VerifyDetectionPluginRequirements(){ DynamicDetectionPlugin *lib1 = NULL; /* Remove all the duplicates */ RemoveDuplicateDetectionPlugins(); /* Cycle through all of them, and ensure that the required * detection engine is loaded. */ lib1 = loadedDetectionPlugins; while (lib1 != NULL) { /* Do this check if this library is a DETECTION plugin only. * If it also has an internal engine, we're fine. */ if (lib1->metaData.type == TYPE_DETECTION) { RequiredEngineLibFunc engineFunc; DynamicPluginMeta reqEngineMeta; DynamicEnginePlugin *plugin = loadedEngines; int detectionLibOkay = 0; engineFunc = (RequiredEngineLibFunc) getSymbol(lib1->handle, "EngineVersion", &(lib1->metaData), FATAL); engineFunc(&reqEngineMeta); while (plugin != NULL) { /* Exact match. Yes! */ if (!strcmp(plugin->metaData.uniqueName, reqEngineMeta.uniqueName) && plugin->metaData.major == reqEngineMeta.major && plugin->metaData.minor == reqEngineMeta.minor) { detectionLibOkay = 1; break; } /* Major match, minor must be >= */ if (!strcmp(plugin->metaData.uniqueName, reqEngineMeta.uniqueName) && plugin->metaData.major == reqEngineMeta.major && plugin->metaData.minor >= reqEngineMeta.minor) { detectionLibOkay = 1; break; } /* Major must be >= -- this assumes newer engine is * bass-ackwards compatabile */ if (!strcmp(plugin->metaData.uniqueName, reqEngineMeta.uniqueName) && plugin->metaData.major > reqEngineMeta.major) { detectionLibOkay = 1; break; } plugin = plugin->next; } if (!detectionLibOkay) { FatalError("Loaded dynamic detection plugin %s (version %d:%d:%d) " "could not find required engine plugin %s(version %d:%d)\n", lib1->metaData.uniqueName, lib1->metaData.major, lib1->metaData.minor, lib1->metaData.build, reqEngineMeta.uniqueName, reqEngineMeta.major, reqEngineMeta.minor); } } lib1 = lib1->next; }}int InitDynamicEnginePlugins(DynamicEngineData *info)⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -