"Fossies" - the Fresh Open Source Software Archive 
Member "snort-2.9.17/src/dynamic-plugins/sf_dynamic_preprocessor.h" (16 Oct 2020, 26424 Bytes) of package /linux/misc/snort-2.9.17.tar.gz:
As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style:
standard) with prefixed line numbers and
code folding option.
Alternatively you can here
view or
download the uninterpreted source code file.
For more information about "sf_dynamic_preprocessor.h" see the
Fossies "Dox" file reference documentation and the latest
Fossies "Diffs" side-by-side code changes report:
2.9.16.1_vs_2.9.17.
1 /*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License Version 2 as
4 * published by the Free Software Foundation. You may not use, modify or
5 * distribute this program under any other version of the GNU General
6 * Public License.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software
15 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 *
17 * Copyright (C) 2014-2020 Cisco and/or its affiliates. All rights reserved.
18 * Copyright (C) 2005-2013 Sourcefire, Inc.
19 *
20 * Author: Steven Sturges
21 *
22 * Dynamic Library Loading for Snort
23 *
24 */
25 #ifndef _SF_DYNAMIC_PREPROCESSOR_H_
26 #define _SF_DYNAMIC_PREPROCESSOR_H_
27
28 #include <ctype.h>
29 #ifdef SF_WCHAR
30 #include <wchar.h>
31 #endif
32 #include "sf_dynamic_meta.h"
33 #include "ipv6_port.h"
34 #include "obfuscation.h"
35
36 /* specifies that a function does not return
37 * used for quieting Visual Studio warnings
38 */
39 #ifdef WIN32
40 #if _MSC_VER >= 1400
41 #define NORETURN __declspec(noreturn)
42 #else
43 #define NORETURN
44 #endif
45 #else
46 #define NORETURN
47 #endif
48
49 #ifdef PERF_PROFILING
50 #ifndef PROFILE_PREPROCS_NOREDEF /* Don't redefine this from the main area */
51 #ifdef PROFILING_PREPROCS
52 #undef PROFILING_PREPROCS
53 #endif
54 #define PROFILING_PREPROCS _dpd.profilingPreprocsFunc()
55 #endif
56 #endif
57
58 #define PREPROCESSOR_DATA_VERSION 28
59
60 #include "sf_dynamic_common.h"
61 #include "sf_dynamic_engine.h"
62 #include "session_api.h"
63 #include "stream_api.h"
64 #include "str_search.h"
65 #include "obfuscation.h"
66 /*#include "sfportobject.h" */
67 #include "sfcontrol.h"
68 #ifdef SIDE_CHANNEL
69 #include "sidechannel_define.h"
70 #endif
71 #include "idle_processing.h"
72 #include "file_api.h"
73 #include "reload_api.h"
74
75 struct _PreprocStats;
76
77 #define MINIMUM_DYNAMIC_PREPROC_ID 10000
78 typedef void (*PreprocessorInitFunc)(struct _SnortConfig *, char *);
79 typedef void * (*AddPreprocFunc)(struct _SnortConfig *, void (*pp_func)(void *, void *), uint16_t, uint32_t, uint32_t);
80 typedef void * (*AddMetaEvalFunc)(struct _SnortConfig *, void (*meta_eval_func)(int, const uint8_t *),
81 uint16_t priority, uint32_t preproc_id);
82 typedef void (*AddPreprocExit)(void (*pp_exit_func) (int, void *), void *arg, uint16_t, uint32_t);
83 typedef void (*AddPreprocUnused)(void (*pp_unused_func) (int, void *), void *arg, uint16_t, uint32_t);
84 typedef void (*AddPreprocConfCheck)(struct _SnortConfig *, int (*pp_conf_chk_func) (struct _SnortConfig *));
85 typedef void (*AddToPostConfList)(struct _SnortConfig *sc, void (*post_config_func)(struct _SnortConfig *, int , void *), void *arg);
86 typedef int (*AlertQueueAdd)(uint32_t, uint32_t, uint32_t,
87 uint32_t, uint32_t, const char *, void *);
88 typedef uint32_t (*GenSnortEvent)(Packet *p, uint32_t gid, uint32_t sid, uint32_t rev,
89 uint32_t classification, uint32_t priority, const char *msg);
90 #ifdef SNORT_RELOAD
91 typedef void (*PreprocessorReloadFunc)(struct _SnortConfig *, char *, void **);
92 typedef int (*PreprocessorReloadVerifyFunc)(struct _SnortConfig *, void *);
93 typedef void * (*PreprocessorReloadSwapFunc)(struct _SnortConfig *, void *);
94 typedef void (*PreprocessorReloadSwapFreeFunc)(void *);
95 #endif
96
97 #ifndef SNORT_RELOAD
98 typedef void (*PreprocRegisterFunc)(const char *, PreprocessorInitFunc);
99 #else
100 typedef void (*PreprocRegisterFunc)(const char *, PreprocessorInitFunc,
101 PreprocessorReloadFunc,
102 PreprocessorReloadVerifyFunc,
103 PreprocessorReloadSwapFunc,
104 PreprocessorReloadSwapFreeFunc);
105 typedef void *(*GetRelatedReloadDataFunc)(struct _SnortConfig *, const char *);
106 #endif
107 typedef int (*ThresholdCheckFunc)(unsigned int, unsigned int, sfaddr_t*, sfaddr_t*, long);
108 typedef void (*InlineDropFunc)(void *);
109 typedef bool (*ActivePacketWasDroppedFunc)(void);
110 typedef bool (*InlineRetryFunc)(void *);
111 typedef void (*ActiveEnableFunc)(int);
112 typedef void (*DisableDetectFunc)(void *);
113 typedef void (*EnableDetectFunc)(void );
114 typedef int (*EnablePreprocessorFunc)(void *, uint32_t);
115 typedef int (*DetectFunc)(void *);
116 typedef void *(*GetRuleInfoByNameFunc)(char *);
117 typedef void *(*GetRuleInfoByIdFunc)(int);
118 typedef int (*printfappendfunc)(char *, int, const char *, ...);
119 typedef char ** (*TokenSplitFunc)(const char *, const char *, const int, int *, const char);
120 typedef void (*TokenFreeFunc)(char ***, int);
121 typedef void (*PreprocStatsNodeFreeFunc)(struct _PreprocStats *stats);
122 typedef void (*AddPreprocProfileFunc)(const char *, void *, int, void *, PreprocStatsNodeFreeFunc freefn);
123 typedef int (*ProfilingFunc)(void);
124 typedef int (*PreprocessFunc)(void *);
125 #ifdef DUMP_BUFFER
126 typedef void (*BufferDumpRegisterFunc)(TraceBuffer * (*)(), unsigned int);
127 #endif
128 typedef void (*PreprocStatsRegisterFunc)(const char *, void (*pp_stats_func)(int));
129 typedef void (*AddPreprocReset)(void (*pp_rst_func) (int, void *), void *arg, uint16_t, uint32_t);
130 typedef void (*AddPreprocResetStats)(void (*pp_rst_stats_func) (int, void *), void *arg, uint16_t, uint32_t);
131 typedef void (*AddPreprocReassemblyPktFunc)(void * (*pp_reass_pkt_func)(void), uint32_t);
132 typedef int (*SetPreprocReassemblyPktBitFunc)(void *, uint32_t);
133 typedef void (*DisablePreprocessorsFunc)(void *);
134 typedef char** (*DynamicGetHttpXffFieldsFunc)(int* nFields);
135 #ifdef TARGET_BASED
136 typedef int16_t (*FindProtocolReferenceFunc)(const char *);
137 typedef int16_t (*AddProtocolReferenceFunc)(const char *);
138 #if defined(FEAT_OPEN_APPID)
139 typedef const char * (*FindProtocolNameFunc)(int16_t);
140 #endif /* defined(FEAT_OPEN_APPID) */
141 typedef int (*IsAdaptiveConfiguredFunc)(void);
142 typedef int (*IsAdaptiveConfiguredForSnortConfigFunc)(struct _SnortConfig *);
143 #endif
144 typedef void (*IP6BuildFunc)(void *, const void *, int);
145 #define SET_CALLBACK_IP 0
146 #define SET_CALLBACK_ICMP_ORIG 1
147 typedef void (*IP6SetCallbacksFunc)(void *, int, char);
148 typedef void (*AddKeywordOverrideFunc)(struct _SnortConfig *, char *, char *, PreprocOptionInit,
149 PreprocOptionEval, PreprocOptionCleanup, PreprocOptionHash,
150 PreprocOptionKeyCompare, PreprocOptionOtnHandler,
151 PreprocOptionFastPatternFunc);
152 typedef void (*AddKeywordByteOrderFunc)(char *, PreprocOptionByteOrderFunc);
153
154 typedef int (*IsPreprocEnabledFunc)(struct _SnortConfig *, uint32_t);
155
156 typedef char * (*PortArrayFunc)(char *, PortObject *, int *);
157
158 typedef int (*AlertQueueLog)(void *);
159 typedef void (*AlertQueueControl)(void); /* reset, push, and pop */
160 typedef void (*SetPolicyFunc)(struct _SnortConfig *, tSfPolicyId);
161 typedef tSfPolicyId (*GetPolicyFromIdFunc)(uint16_t );
162 typedef void (*ChangePolicyFunc)(tSfPolicyId, void *p);
163 typedef void (*SetFileDataPtrFunc)(uint8_t *,uint16_t );
164 typedef void (*DetectResetFunc)(uint8_t *,uint16_t );
165 typedef void (*SetAltDecodeFunc)(uint16_t );
166 typedef void (*DetectFlagEnableFunc)(SFDetectFlagType);
167 typedef long (*DynamicStrtol)(const char *, char **, int);
168 typedef unsigned long(*DynamicStrtoul)(const char *, char **, int);
169 typedef const char* (*DynamicStrnStr)(const char *, int, const char *);
170 typedef const char* (*DynamicStrcasestr)(const char *, int, const char *);
171 typedef int (*DynamicStrncpy)(char *, const char *, size_t );
172 typedef const char* (*DynamicStrnPbrk)(const char *, int , const char *);
173
174 typedef int (*EvalRTNFunc)(void *rtn, void *p, int check_ports);
175
176 typedef void* (*EncodeNew)(void);
177 typedef void (*EncodeDelete)(void*);
178 typedef void (*EncodeUpdate)(void*);
179 typedef int (*EncodeFormat)(uint32_t, const void*, void*, int);
180
181 typedef void* (*NewGrinderPktPtr)(void *, void *, uint8_t *);
182 typedef void (*DeleteGrinderPktPtr)(void*);
183 typedef bool (*PafEnabledFunc)(void);
184 typedef time_t (*SCPacketTimeFunc)(void);
185 typedef void (*SCGetPktTimeOfDay)(struct timeval *tv);
186
187 #ifdef SIDE_CHANNEL
188 typedef bool (*SCEnabledFunc)(void);
189 typedef int (*SCRegisterRXHandlerFunc)(uint16_t type, SCMProcessMsgFunc processMsgFunc, void *data);
190 typedef int (*SCPreallocMessageTXFunc)(uint32_t length, SCMsgHdr **hdr, uint8_t **msg_ptr, void **msg_handle);
191 typedef int (*SCEnqueueMessageTXFunc)(SCMsgHdr *hdr, const uint8_t *msg, uint32_t length, void *msg_handle, SCMQMsgFreeFunc msgFreeFunc);
192 #endif
193
194
195
196 typedef char* (*GetLogDirectory)(void);
197
198 typedef int (*ControlSocketRegisterHandlerFunc)(uint16_t, OOBPreControlFunc, IBControlFunc,
199 OOBPostControlFunc);
200
201 typedef int (*RegisterIdleHandler)(IdleProcessingHandler);
202 #ifdef ACTIVE_RESPONSE
203 #define SND_BLK_RESP_FLAG_DO_CLIENT 1
204 #define SND_BLK_RESP_FLAG_DO_SERVER 2
205 typedef void (*DynamicSendBlockResponse)(void *packet, const uint8_t* buffer, uint32_t buffer_len, unsigned flags);
206 typedef void (*ActiveInjectDataFunc)(void *, uint32_t, const uint8_t *, uint32_t);
207 typedef void (*ActiveSendForwardResetFunc)(void *);
208 typedef void (*ActiveResponseFunc )(void *, const uint8_t *, uint32_t , uint32_t);
209 // NOTE: DynamicActive_ResponseFunc must match func ptr def Active_ResponseFunc in active.h
210 typedef void (*DynamicActive_ResponseFunc)(Packet *packet, void* data);
211 typedef int (*ActiveQueueResponseFunc )(DynamicActive_ResponseFunc cb, void *);
212 #endif
213 typedef int (*DynamicSetFlowId)(const void* p, uint32_t id);
214 #ifdef HAVE_DAQ_EXT_MODFLOW
215 typedef int (*DynamicModifyFlow)(const DAQ_PktHdr_t *hdr, const DAQ_ModFlow_t* mod);
216 #endif
217 #ifdef HAVE_DAQ_QUERYFLOW
218 typedef int (*DynamicQueryFlow)(const DAQ_PktHdr_t *hdr, DAQ_QueryFlow_t* query);
219 #endif
220
221 #if defined(DAQ_VERSION) && DAQ_VERSION > 8
222 typedef void (*DynamicDebugPkt)(uint8_t moduleId, uint8_t logLevel, const DAQ_Debug_Packet_Params_t *params, const char *msg, ...);
223 #endif
224
225 #if defined(DAQ_VERSION) && DAQ_VERSION > 9
226 typedef int (*DynamicIoctl)(unsigned int type, char *buffer, size_t *len);
227 #endif
228
229 typedef int (*DynamicIsStrEmpty)(const char * );
230 typedef void (*AddPeriodicCheck)(void (*pp_check_func) (int, void *), void *arg, uint16_t, uint32_t, uint32_t);
231 typedef void (*AddPostConfigFuncs)(struct _SnortConfig *, void (*pp_post_config_func) (struct _SnortConfig *, void *), void *arg);
232 typedef int (*AddOutPutModule)(const char *filename);
233 typedef int (*CanWhitelist)(void);
234
235 #if defined(DAQ_CAPA_CST_TIMEOUT)
236 typedef bool (*CanGetTimeout)(void);
237 typedef void (*GetDaqCapaTimeOutFunc)(bool);
238 typedef void (*RegisterGetDaqCapaTimeoutFunc)(GetDaqCapaTimeOutFunc);
239 GetDaqCapaTimeOutFunc getDaqCapaTimeoutFnPtr;
240 #endif
241
242 typedef void (*DisableAllPoliciesFunc)(struct _SnortConfig *);
243 typedef int (*ReenablePreprocBitFunc)(struct _SnortConfig *, unsigned int preproc_id);
244 typedef int (*DynamicCheckValueInRangeFunc)(const char *, char *,
245 unsigned long lo, unsigned long hi, unsigned long *value);
246 typedef bool (*DynamicReadyForProcessFunc) (void* pkt);
247 typedef int (*SslAppIdLookupFunc)(void * ssnptr, const char * serverName, const char * commonName, int32_t *serviceAppId, int32_t *clientAppId, int32_t *payloadAppId);
248 typedef void (*RegisterSslAppIdLookupFunc)(SslAppIdLookupFunc);
249
250 typedef int32_t (*GetAppIdFunc)(void *ssnptr);
251 typedef void (*RegisterGetAppIdFunc)(GetAppIdFunc);
252
253 typedef struct urlQueryContext* (*UrlQueryCreateFunc)(const char *url);
254 typedef void (*UrlQueryDestroyFunc)(struct urlQueryContext *context);
255 typedef int (*UrlQueryMatchFunc)(void *ssnptr, struct urlQueryContext *context, uint16_t inUrlCat, uint16_t inUrlMinRep, uint16_t inUrlMaxRep);
256 typedef void (*RegisterUrlQueryFunc)(UrlQueryCreateFunc, UrlQueryDestroyFunc,UrlQueryMatchFunc);
257
258 typedef int (*UserGroupIdGetFunc)(void *ssnptr, uint32_t *userId, uint32_t *realmId, unsigned *groupIdArray, unsigned groupIdArrayLen);
259 typedef void (*RegisterUserGroupIdGetFunc)(UserGroupIdGetFunc);
260
261 typedef int (*GeoIpAddressLookupFunc)(const sfaddr_t *snortIp, uint16_t *geo);
262 typedef void (*RegisterGeoIpAddressLookupFunc)(GeoIpAddressLookupFunc);
263
264 typedef void (*UpdateSSLSSnLogDataFunc)(void *ssnptr, uint8_t logging_on, uint8_t action_is_block, const char *ssl_cert_fingerprint,
265 uint32_t ssl_cert_fingerprint_len, uint32_t ssl_cert_status, uint8_t *ssl_policy_id,
266 uint32_t ssl_policy_id_len, uint32_t ssl_rule_id, uint16_t ssl_cipher_suite, uint8_t ssl_version,
267 uint16_t ssl_actual_action, uint16_t ssl_expected_action, uint32_t ssl_url_category,
268 uint16_t ssl_flow_status, uint32_t ssl_flow_error, uint32_t ssl_flow_messages,
269 uint64_t ssl_flow_flags, char *ssl_server_name, uint8_t *ssl_session_id, uint8_t session_id_len,
270 uint8_t *ssl_ticket_id, uint8_t ticket_id_len);
271 typedef void (*RegisterUpdateSSLSSnLogDataFunc)(UpdateSSLSSnLogDataFunc);
272
273 typedef void (*EndSSLSSnLogDataFunc)(void *ssnptr, uint32_t ssl_flow_messages, uint64_t ssl_flow_flags) ;
274 typedef void (*RegisterEndSSLSSnLogDataFunc)(EndSSLSSnLogDataFunc);
275
276 typedef int (*GetSSLActualActionFunc)(void *ssnptr, uint16_t *action);
277 typedef void (*RegisterGetSSLActualActionFunc)(GetSSLActualActionFunc);
278
279 typedef void (*GetIntfDataFunc)(void *ssnptr,int32_t *ingressIntfIndex, int32_t *egressIntfIndex,
280 int32_t *ingressZoneIndex, int32_t *egressZoneIndex) ;
281 typedef void (*RegisterGetIntfDataFunc)(GetIntfDataFunc);
282
283 typedef void (*SetTlsHostAppIdFunc)(void *ssnptr, const char *serverName, const char *commonName,
284 const char *orgName, const char *subjectAltName, bool isSniMismatch,
285 int32_t *serviceAppId, int32_t *clientAppId, int32_t *payloadAppId);
286 typedef void (*RegisterSetTlsHostAppIdFunc)(SetTlsHostAppIdFunc);
287
288 //
289 // SSL Callbacks
290 //
291 typedef bool (*DynamicIsSSLPolicyEnabledFunc)(struct _SnortConfig *sc);
292 typedef void (*DynamicSetSSLPolicyEnabledFunc)(struct _SnortConfig *sc, tSfPolicyId policy, bool value);
293 typedef void (*SetSSLCallbackFunc)(void *);
294 typedef void* (*GetSSLCallbackFunc)(void);
295
296 typedef int (*_LoadLibraryFunc)(struct _SnortConfig *sc, const char * const path, int indent);
297 typedef void (*LoadAllLibsFunc)(struct _SnortConfig *sc, const char * const path, _LoadLibraryFunc loadFunc);
298 typedef void * _PluginHandle;
299 typedef _PluginHandle (*OpenDynamicLibraryFunc)(const char * const library_name, int useGlobal);
300 typedef void (*_dlsym_func)(void);
301 typedef _dlsym_func (*GetSymbolFunc)(_PluginHandle handle, char * symbol, DynamicPluginMeta * meta, int fatal);
302 typedef void (*CloseDynamicLibraryFunc)(_PluginHandle handle);
303
304 #if defined(FEAT_OPEN_APPID)
305 typedef bool (*IsAppIdRequiredFunc)(void);
306 typedef void (*RegisterIsAppIdRequiredFunc)(IsAppIdRequiredFunc);
307 typedef void (*UnregisterIsAppIdRequiredFunc)(IsAppIdRequiredFunc);
308 struct AppIdApi;
309 #endif /* defined(FEAT_OPEN_APPID) */
310
311 typedef bool (*ReadModeFunc)(void);
312
313 typedef int (*GetPerfIndicatorsFunc)(void *Request);
314
315 typedef uint32_t (*GetSnortPacketLatencyFunc)(void);
316
317 typedef double (*GetSnortPacketDropPortionFunc)(void);
318
319 typedef bool (*IsTestModeFunc)(void);
320
321 typedef struct _SnortConfig* (*GetCurrentSnortConfigFunc)(void);
322
323 typedef void (*AddPktTraceDataFunc)(int module, int traceLen);
324
325 typedef const char* (*GetPktTraceActionMsgFunc)();
326
327 #ifdef SNORT_RELOAD
328 typedef int (*ReloadAdjustRegisterFunc)(struct _SnortConfig* sc, const char* raName,
329 tSfPolicyId raPolicyId, ReloadAdjustFunc raFunc,
330 void *raUserData, ReloadAdjustUserFreeFunc raUserFreeFunc);
331 #endif
332
333 typedef int (*DynamicSetPreserveFlow)(const void* p);
334
335 // IPrep Last update count
336 typedef void (*IprepUpdateCountFunc)(uint8_t);
337
338 typedef int (*RegisterMemoryStatsFunc)(uint preproc, char* preproc_name,
339 int (*MemoryStatsDisplayFunc)(char *buffer));
340
341 typedef void* (*SnortAllocFunc)(int num, unsigned long size, uint32_t preproc, bool data);
342
343 typedef void (*SnortFreeFunc)(void * ptr, uint32_t size, uint32_t preproc, bool data);
344 typedef bool (*ReputationProcessExternalIpFunc)(void *p, sfaddr_t* ip);
345 typedef void (*RegisterReputationProcessExternalFunc)(ReputationProcessExternalIpFunc);
346 typedef int (*ReputationGetEntryCountFunc)(void);
347 typedef void (*RegisterReputationGetEntryCountFunc)(ReputationGetEntryCountFunc);
348 /* FTP data transfer mode */
349 typedef bool (*ftpGetModefunc)(void *ssnptr);
350 typedef void (*RegisterFtpQueryModefunc)(ftpGetModefunc);
351 typedef void (*LogMsgThrottled)(void*, const char *, ...);
352
353 #define ENC_DYN_FWD 0x80000000
354 #define ENC_DYN_NET 0x10000000
355
356 /* Info Data passed to dynamic preprocessor plugin must include:
357 * version
358 * Pointer to AltDecodeBuffer
359 * Pointer to HTTP URI Buffers
360 * Pointer to functions to log Messages, Errors, Fatal Errors
361 * Pointer to function to add preprocessor to list of configure Preprocs
362 * Pointer to function to regsiter preprocessor configuration keyword
363 * Pointer to function to create preprocessor alert
364 */
365 typedef struct _DynamicPreprocessorData
366 {
367 int version;
368 int size;
369
370 SFDataBuffer *altBuffer;
371 SFDataPointer *altDetect;
372 SFDataPointer *fileDataBuf;
373
374 LogMsgFunc logMsg;
375 LogMsgFunc errMsg;
376 LogMsgFunc fatalMsg;
377 DebugMsgFunc debugMsg;
378 LogMsgThrottled errMsgThrottled;
379
380 PreprocRegisterFunc registerPreproc;
381 #ifdef SNORT_RELOAD
382 GetRelatedReloadDataFunc getRelatedReloadData;
383 #endif
384 AddPreprocFunc addPreproc;
385 AddPreprocFunc addPreprocAllPolicies;
386 GetSnortInstance getSnortInstance;
387 AddPreprocExit addPreprocExit;
388 AddPreprocConfCheck addPreprocConfCheck;
389 RegisterPreprocRuleOpt preprocOptRegister;
390 AddPreprocProfileFunc addPreprocProfileFunc;
391 ProfilingFunc profilingPreprocsFunc;
392 void *totalPerfStats;
393
394 AlertQueueAdd alertAdd;
395 GenSnortEvent genSnortEvent;
396 ThresholdCheckFunc thresholdCheck;
397 #ifdef ACTIVE_RESPONSE
398 ActiveEnableFunc activeSetEnabled;
399 #endif
400
401 DetectFunc detect;
402 DisableDetectFunc disableDetect;
403 DisableDetectFunc disableAllDetect;
404 DisableDetectFunc disablePacketAnalysis;
405 EnableDetectFunc enableContentDetect;
406 EnablePreprocessorFunc enablePreprocessor;
407
408 SessionAPI *sessionAPI;
409 StreamAPI *streamAPI;
410 SearchAPI *searchAPI;
411
412 char **config_file;
413 int *config_line;
414 printfappendfunc printfappend;
415 TokenSplitFunc tokenSplit;
416 TokenFreeFunc tokenFree;
417
418 GetRuleInfoByNameFunc getRuleInfoByName;
419 GetRuleInfoByIdFunc getRuleInfoById;
420 #ifdef SF_WCHAR
421 DebugWideMsgFunc debugWideMsg;
422 #endif
423
424 PreprocessFunc preprocess;
425 #ifdef DUMP_BUFFER
426 BufferDumpRegisterFunc registerBufferTracer;
427 #endif
428 char **debugMsgFile;
429 int *debugMsgLine;
430
431 PreprocStatsRegisterFunc registerPreprocStats;
432 AddPreprocReset addPreprocReset;
433 AddPreprocResetStats addPreprocResetStats;
434 DisablePreprocessorsFunc disablePreprocessors;
435
436 IP6BuildFunc ip6Build;
437 IP6SetCallbacksFunc ip6SetCallbacks;
438
439 AlertQueueLog logAlerts;
440 AlertQueueControl resetAlerts;
441 AlertQueueControl pushAlerts;
442 AlertQueueControl popAlerts;
443
444 #ifdef TARGET_BASED
445 FindProtocolReferenceFunc findProtocolReference;
446 AddProtocolReferenceFunc addProtocolReference;
447 IsAdaptiveConfiguredFunc isAdaptiveConfigured;
448 IsAdaptiveConfiguredForSnortConfigFunc isAdaptiveConfiguredForSnortConfig;
449 #endif
450
451 AddKeywordOverrideFunc preprocOptOverrideKeyword;
452 AddKeywordByteOrderFunc preprocOptByteOrderKeyword;
453 IsPreprocEnabledFunc isPreprocEnabled;
454
455 PortArrayFunc portObjectCharPortArray;
456
457 GetPolicyFunc getNapRuntimePolicy;
458 GetPolicyFunc getIpsRuntimePolicy;
459 GetParserPolicyFunc getParserPolicy;
460 GetPolicyFunc getDefaultPolicy;
461 SetPolicyFunc setParserPolicy;
462 SetFileDataPtrFunc setFileDataPtr;
463 DetectResetFunc DetectReset;
464 SetAltDecodeFunc SetAltDecode;
465 GetAltDetectFunc GetAltDetect;
466 SetAltDetectFunc SetAltDetect;
467 IsDetectFlagFunc Is_DetectFlag;
468 DetectFlagDisableFunc DetectFlag_Disable;
469 DynamicStrtol SnortStrtol;
470 DynamicStrtoul SnortStrtoul;
471 DynamicStrnStr SnortStrnStr;
472 DynamicStrncpy SnortStrncpy;
473 DynamicStrnPbrk SnortStrnPbrk;
474 DynamicStrcasestr SnortStrcasestr;
475 EvalRTNFunc fpEvalRTN;
476
477 ObfuscationApi *obApi;
478
479 EncodeNew encodeNew;
480 EncodeDelete encodeDelete;
481 EncodeFormat encodeFormat;
482 EncodeUpdate encodeUpdate;
483
484 NewGrinderPktPtr newGrinderPkt;
485 DeleteGrinderPktPtr deleteGrinderPkt;
486
487 AddPreprocFunc addDetect;
488 PafEnabledFunc isPafEnabled;
489 SCPacketTimeFunc pktTime;
490 SCGetPktTimeOfDay getPktTimeOfDay;
491 #ifdef SIDE_CHANNEL
492 SCEnabledFunc isSCEnabled;
493 SCRegisterRXHandlerFunc scRegisterRXHandler;
494 SCPreallocMessageTXFunc scAllocMessageTX;
495 SCEnqueueMessageTXFunc scEnqueueMessageTX;
496 #endif
497
498 GetLogDirectory getLogDirectory;
499
500 ControlSocketRegisterHandlerFunc controlSocketRegisterHandler;
501 RegisterIdleHandler registerIdleHandler;
502
503 GetPolicyFromIdFunc getPolicyFromId;
504 ChangePolicyFunc changeNapRuntimePolicy;
505 ChangePolicyFunc changeIpsRuntimePolicy;
506 InlineDropFunc inlineDropPacket;
507 InlineDropFunc inlineForceDropPacket;
508 InlineDropFunc inlineDropSessionAndReset;
509 InlineDropFunc inlineForceDropSession;
510 InlineDropFunc inlineForceDropSessionAndReset;
511 ActivePacketWasDroppedFunc active_PacketWasDropped;
512 InlineRetryFunc inlineRetryPacket;
513 DynamicIsStrEmpty SnortIsStrEmpty;
514 AddMetaEvalFunc addMetaEval;
515 #ifdef ACTIVE_RESPONSE
516 DynamicSendBlockResponse dynamicSendBlockResponse;
517 #endif
518 DynamicSetFlowId dynamicSetFlowId;
519 #ifdef HAVE_DAQ_EXT_MODFLOW
520 DynamicModifyFlow dynamicModifyFlow;
521 #endif
522 #ifdef HAVE_DAQ_QUERYFLOW
523 DynamicQueryFlow dynamicQueryFlow;
524 #endif
525
526 #if defined(DAQ_VERSION) && DAQ_VERSION > 8
527 DynamicDebugPkt dynamicDebugPkt;
528 #endif
529
530 #if defined(DAQ_VERSION) && DAQ_VERSION > 9
531 DynamicIoctl dynamicIoctl;
532 #endif
533
534 AddPeriodicCheck addPeriodicCheck;
535 AddPostConfigFuncs addPostConfigFunc;
536 AddToPostConfList addFuncToPostConfigList;
537 char **snort_conf_dir;
538 AddOutPutModule addOutputModule;
539 CanWhitelist canWhitelist;
540 FileAPI *fileAPI;
541 DisableAllPoliciesFunc disableAllPolicies;
542 ReenablePreprocBitFunc reenablePreprocBit;
543 DynamicCheckValueInRangeFunc checkValueInRange;
544
545 SetHttpBufferFunc setHttpBuffer;
546 GetHttpBufferFunc getHttpBuffer;
547
548 #ifdef ACTIVE_RESPONSE
549 ActiveInjectDataFunc activeInjectData;
550 ActiveResponseFunc activeSendResponse;
551 ActiveSendForwardResetFunc activeSendForwardReset;
552 ActiveQueueResponseFunc activeQueueResponse;
553 #endif
554 GetSSLCallbackFunc getSSLCallback;
555 SetSSLCallbackFunc setSSLCallback;
556 SslAppIdLookupFunc sslAppIdLookup;
557 RegisterSslAppIdLookupFunc registerSslAppIdLookup;
558
559 GetAppIdFunc getAppId;
560 RegisterGetAppIdFunc registerGetAppId;
561
562 UrlQueryCreateFunc urlQueryCreate;
563 UrlQueryDestroyFunc urlQueryDestroy;
564 UrlQueryMatchFunc urlQueryMatch;
565 RegisterUrlQueryFunc registerUrlQuery;
566
567 UserGroupIdGetFunc userGroupIdGet;
568 RegisterUserGroupIdGetFunc registerUserGroupIdGet;
569
570 GeoIpAddressLookupFunc geoIpAddressLookup;
571 RegisterGeoIpAddressLookupFunc registerGeoIpAddressLookup;
572
573 UpdateSSLSSnLogDataFunc updateSSLSSnLogData;
574 RegisterUpdateSSLSSnLogDataFunc registerUpdateSSLSSnLogData;
575
576 EndSSLSSnLogDataFunc endSSLSSnLogData;
577 RegisterEndSSLSSnLogDataFunc registerEndSSLSSnLogData;
578
579 GetSSLActualActionFunc getSSLActualAction;
580 RegisterGetSSLActualActionFunc registerGetSSLActualAction;
581
582 GetIntfDataFunc getIntfData;
583 RegisterGetIntfDataFunc registerGetIntfData;
584 DynamicReadyForProcessFunc readyForProcess;
585 DynamicIsSSLPolicyEnabledFunc isSSLPolicyEnabled;
586 DynamicSetSSLPolicyEnabledFunc setSSLPolicyEnabled;
587
588 /* Preproc's fetch Snort performance indicators. Used by IAB. */
589 GetPerfIndicatorsFunc getPerfIndicators;
590 GetSnortPacketLatencyFunc getPacketLatency;
591 GetSnortPacketDropPortionFunc getPacketDropPortion;
592
593 LoadAllLibsFunc loadAllLibs;
594 OpenDynamicLibraryFunc openDynamicLibrary;
595 GetSymbolFunc getSymbol;
596 CloseDynamicLibraryFunc closeDynamicLibrary;
597
598 DynamicGetHttpXffFieldsFunc getHttpXffFields;
599
600 #if defined(FEAT_OPEN_APPID)
601 struct AppIdApi *appIdApi;
602 RegisterIsAppIdRequiredFunc registerIsAppIdRequired;
603 UnregisterIsAppIdRequiredFunc unregisterIsAppIdRequired;
604 IsAppIdRequiredFunc isAppIdRequired;
605 #endif /* defined(FEAT_OPEN_APPID) */
606 ReadModeFunc isReadMode;
607 IsTestModeFunc isTestMode;
608 GetCurrentSnortConfigFunc getCurrentSnortConfig;
609 bool *pkt_tracer_enabled;
610 char *trace;
611 uint32_t traceMax;
612 AddPktTraceDataFunc addPktTrace;
613 GetPktTraceActionMsgFunc getPktTraceActionMsg;
614
615 #ifdef SNORT_RELOAD
616 ReloadAdjustRegisterFunc reloadAdjustRegister;
617 #endif
618
619 #ifdef DAQ_MODFLOW_TYPE_PRESERVE_FLOW
620 DynamicSetPreserveFlow setPreserveFlow;
621 #endif
622 IprepUpdateCountFunc setIPRepUpdateCount;
623 RegisterMemoryStatsFunc registerMemoryStatsFunc;
624 SnortAllocFunc snortAlloc;
625 SnortFreeFunc snortFree;
626 #if defined(DAQ_CAPA_CST_TIMEOUT)
627 CanGetTimeout canGetTimeout;
628 RegisterGetDaqCapaTimeoutFunc registerGetDaqCapaTimeout;
629 #endif
630
631 ReputationGetEntryCountFunc reputation_get_entry_count;
632 RegisterReputationGetEntryCountFunc registerReputationGetEntryCount;
633 ReputationProcessExternalIpFunc reputation_process_external_ip;
634 RegisterReputationProcessExternalFunc registerReputationProcessExternal;
635 RegisterFtpQueryModefunc registerFtpmodeQuery;
636 ftpGetModefunc ftpGetMode;
637
638 SetTlsHostAppIdFunc setTlsHostAppId;
639 RegisterSetTlsHostAppIdFunc registerSetTlsHostAppId;
640 } DynamicPreprocessorData;
641
642 /* Function prototypes for Dynamic Preprocessor Plugins */
643 void CloseDynamicPreprocessorLibs(void);
644 int LoadDynamicPreprocessor(struct _SnortConfig *sc, const char * const library_name, int indent);
645 void LoadAllDynamicPreprocessors(struct _SnortConfig *sc, const char * const path);
646 typedef int (*InitPreprocessorLibFunc)(DynamicPreprocessorData *);
647
648 int InitDynamicPreprocessors(void);
649 void RemoveDuplicatePreprocessorPlugins(void);
650
651 /* This was necessary because of static code analysis not recognizing that
652 * fatalMsg did not return - use instead of fatalMsg
653 */
654 NORETURN void DynamicPreprocessorFatalMessage(const char *format, ...);
655
656 extern DynamicPreprocessorData _dpd;
657 #endif /* _SF_DYNAMIC_PREPROCESSOR_H_ */