#include "suricata-common.h"#include "conf.h"#include "util-unittest.h"#include "util-debug.h"#include "util-path.h"#include "util-conf.h"
Go to the source code of this file.
Macros | |
| #define | NODE_NAME_MAX 1024 |
Functions | |
| ConfNode * | ConfNodeGetNodeOrCreate (ConfNode *parent, const char *name, int final) |
| Helper function to get a node, creating it if it does not exist. More... | |
| void | ConfInit (void) |
| Initialize the configuration system. More... | |
| ConfNode * | ConfNodeNew (void) |
| Allocate a new configuration node. More... | |
| void | ConfNodeFree (ConfNode *node) |
| Free a ConfNode and all of its children. More... | |
| ConfNode * | ConfGetNode (const char *name) |
| Get a ConfNode by name. More... | |
| ConfNode * | ConfGetRootNode (void) |
| Get the root configuration node. More... | |
| int | ConfSet (const char *name, const char *val) |
| Set a configuration value. More... | |
| int | ConfSetFromString (const char *input, int final) |
| Set a configuration parameter from a string. More... | |
| int | ConfSetFinal (const char *name, const char *val) |
| Set a final configuration value. More... | |
| int | ConfGet (const char *name, const char **vptr) |
| Retrieve the value of a configuration node. More... | |
| int | ConfGetChildValue (const ConfNode *base, const char *name, const char **vptr) |
| ConfNode * | ConfGetChildWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name) |
| int | ConfGetChildValueWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name, const char **vptr) |
| int | ConfGetInt (const char *name, intmax_t *val) |
| Retrieve a configuration value as an integer. More... | |
| int | ConfGetChildValueInt (const ConfNode *base, const char *name, intmax_t *val) |
| int | ConfGetChildValueIntWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name, intmax_t *val) |
| int | ConfGetBool (const char *name, int *val) |
| Retrieve a configuration value as a boolean. More... | |
| int | ConfGetChildValueBool (const ConfNode *base, const char *name, int *val) |
| int | ConfGetChildValueBoolWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name, int *val) |
| int | ConfValIsTrue (const char *val) |
| Check if a value is true. More... | |
| int | ConfValIsFalse (const char *val) |
| Check if a value is false. More... | |
| int | ConfGetDouble (const char *name, double *val) |
| Retrieve a configuration value as a double. More... | |
| int | ConfGetFloat (const char *name, float *val) |
| Retrieve a configuration value as a float. More... | |
| void | ConfNodeRemove (ConfNode *node) |
| Remove (and SCFree) the provided configuration node. More... | |
| int | ConfRemove (const char *name) |
| Remove a configuration parameter from the configuration db. More... | |
| void | ConfCreateContextBackup (void) |
| Creates a backup of the conf_hash hash_table used by the conf API. More... | |
| void | ConfRestoreContextBackup (void) |
| Restores the backup of the hash_table present in backup_conf_hash back to conf_hash. More... | |
| void | ConfDeInit (void) |
| De-initializes the configuration system. More... | |
| void | ConfNodeDump (const ConfNode *node, const char *prefix) |
| Dump a configuration node and all its children. More... | |
| void | ConfDump (void) |
| Dump configuration to stdout. More... | |
| bool | ConfNodeHasChildren (const ConfNode *node) |
| Check if a node has any children. More... | |
| ConfNode * | ConfNodeLookupChild (const ConfNode *node, const char *name) |
| Lookup a child configuration node by name. More... | |
| const char * | ConfNodeLookupChildValue (const ConfNode *node, const char *name) |
| Lookup the value of a child configuration node by name. More... | |
| ConfNode * | ConfNodeLookupKeyValue (const ConfNode *base, const char *key, const char *value) |
| Lookup for a key value under a specific node. More... | |
| int | ConfNodeChildValueIsTrue (const ConfNode *node, const char *key) |
| Test if a configuration node has a true value. More... | |
| char * | ConfLoadCompleteIncludePath (const char *file) |
| Create the path for an include entry. More... | |
| void | ConfNodePrune (ConfNode *node) |
| Prune a configuration node. More... | |
| int | ConfNodeIsSequence (const ConfNode *node) |
| Check if a node is a sequence or node. More... | |
| ConfNode * | ConfSetIfaceNode (const char *ifaces_node_name, const char *iface) |
| Finds an interface from the list of interfaces. More... | |
| int | ConfSetRootAndDefaultNodes (const char *ifaces_node_name, const char *iface, ConfNode **if_root, ConfNode **if_default) |
| Finds and sets root and default node of the interface. More... | |
| void | ConfRegisterTests (void) |
Detailed Description
This file provides a basic configuration system for the IDPS engine.
NOTE: Setting values should only be done from one thread during engine initialization. Multiple threads should be able access read configuration data. Allowing run time changes to the configuration will require some locks.
- Todo:
- Consider having the in-memory configuration database a direct reflection of the configuration file and moving command line parameters to a primary lookup table?
- Todo:
- Get rid of allow override and go with a simpler first set, stays approach?
Definition in file conf.c.
Macro Definition Documentation
◆ NODE_NAME_MAX
| #define NODE_NAME_MAX 1024 |
Function Documentation
◆ ConfCreateContextBackup()
| void ConfCreateContextBackup | ( | void | ) |
◆ ConfDeInit()
| void ConfDeInit | ( | void | ) |
◆ ConfDump()
| void ConfDump | ( | void | ) |
Dump configuration to stdout.
Definition at line 751 of file conf.c.
References ConfNodeDump().
◆ ConfGet()
| int ConfGet | ( | const char * | name, |
| const char ** | vptr | ||
| ) |
Retrieve the value of a configuration node.
This function will return the value for a configuration node based on the full name of the node. It is possible that the value returned could be NULL, this could happen if the requested node does exist but is not a node that contains a value, but contains children ConfNodes instead.
- Parameters
-
name Name of configuration parameter to get. vptr Pointer that will be set to the configuration value parameter. Note that this is just a reference to the actual value, not a copy.
- Return values
-
1 will be returned if the name is found, otherwise 0 will be returned.
Definition at line 335 of file conf.c.
References ConfGetNode(), SCLogDebug, and ConfNode_::val.
Referenced by ConfGetBool(), ConfGetDouble(), ConfGetFloat(), ConfGetInt(), ConfigGetDataDirectory(), ConfigGetLogDirectory(), ConfLoadCompleteIncludePath(), ConfSetBPFFilter(), ConfUnixSocketIsEnable(), CoredumpLoadConfig(), FlowInitConfig(), HTPParseMemcap(), HttpRangeContainersInit(), NFQInitConfig(), OutputJsonInitCtx(), PatternMatchDefaultMatcher(), PostConfLoadedSetup(), RunModeErfFileAutoFp(), RunModeErfFileSingle(), RunModeFilePcapAutoFp(), RunModeFilePcapSingle(), RunModeIdsAFPAutoFp(), RunModeIdsAFPSingle(), RunModeIdsAFPWorkers(), RunModeIdsAFXDPSingle(), RunModeIdsAFXDPWorkers(), RunModeIdsPcapAutoFp(), RunModeIdsPcapSingle(), RunModeIdsPcapWorkers(), RunModeInitializeThreadSettings(), SCLogLoadConfig(), SCRuleVarsGetConfVar(), SinglePatternMatchDefaultMatcher(), StreamTcpInitConfig(), and TmqhFlowRegister().
◆ ConfGetBool()
| int ConfGetBool | ( | const char * | name, |
| int * | val | ||
| ) |
Retrieve a configuration value as a boolean.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an int that will be set to 1 for true, or 0 for false.
- Return values
-
1 will be returned if the name is found and was properly converted to a boolean, otherwise 0 will be returned.
Definition at line 483 of file conf.c.
References ConfGet(), and ConfValIsTrue().
Referenced by DecodeERSPANConfig(), DecodeGeneveConfig(), DecodeTeredoConfig(), DecodeVXLANConfig(), DetectEngineFrameMpmRegister(), NapatechGetStreamConfig(), NapatechPacketLoop(), NFQInitConfig(), PostConfLoadedSetup(), RunModeInitializeThreadSettings(), and StreamTcpInitConfig().
◆ ConfGetChildValue()
| int ConfGetChildValue | ( | const ConfNode * | base, |
| const char * | name, | ||
| const char ** | vptr | ||
| ) |
◆ ConfGetChildValueBool()
| int ConfGetChildValueBool | ( | const ConfNode * | base, |
| const char * | name, | ||
| int * | val | ||
| ) |
◆ ConfGetChildValueBoolWithDefault()
◆ ConfGetChildValueInt()
| int ConfGetChildValueInt | ( | const ConfNode * | base, |
| const char * | name, | ||
| intmax_t * | val | ||
| ) |
◆ ConfGetChildValueIntWithDefault()
◆ ConfGetChildValueWithDefault()
| int ConfGetChildValueWithDefault | ( | const ConfNode * | base, |
| const ConfNode * | dflt, | ||
| const char * | name, | ||
| const char ** | vptr | ||
| ) |
Definition at line 378 of file conf.c.
Referenced by ConfSetBPFFilter().
◆ ConfGetChildWithDefault()
◆ ConfGetDouble()
| int ConfGetDouble | ( | const char * | name, |
| double * | val | ||
| ) |
Retrieve a configuration value as a double.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an double that will be set the configuration value.
- Return values
-
1 will be returned if the name is found and was properly converted to a double, otherwise 0 will be returned.
Definition at line 586 of file conf.c.
References ConfGet().
◆ ConfGetFloat()
| int ConfGetFloat | ( | const char * | name, |
| float * | val | ||
| ) |
Retrieve a configuration value as a float.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an float that will be set the configuration value.
- Return values
-
1 will be returned if the name is found and was properly converted to a double, otherwise 0 will be returned.
Definition at line 616 of file conf.c.
References ConfGet().
Referenced by RunModeInitializeThreadSettings().
◆ ConfGetInt()
| int ConfGetInt | ( | const char * | name, |
| intmax_t * | val | ||
| ) |
Retrieve a configuration value as an integer.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an intmax_t that will be set the configuration value.
- Return values
-
1 will be returned if the name is found and was properly converted to an integer, otherwise 0 will be returned.
Definition at line 399 of file conf.c.
References ConfGet(), and SCLogError.
Referenced by DecodeGlobalConfig(), DefragInit(), DetectLoadersInit(), FlowInitConfig(), FlowManagerThreadSpawn(), FlowRecyclerThreadSpawn(), NFQInitConfig(), PacketAlertGetMaxConfig(), SCProfilingInit(), and StreamTcpInitConfig().
◆ ConfGetNode()
| ConfNode* ConfGetNode | ( | const char * | name | ) |
Get a ConfNode by name.
- Parameters
-
name The full name of the configuration node to lookup.
- Return values
-
A pointer to ConfNode is found or NULL if the configuration node does not exist.
Definition at line 181 of file conf.c.
Referenced by ActionInitConfig(), AppLayerParserConfParserEnabled(), AppLayerProtoDetectConfProtoDetectionEnabledDefault(), AppLayerProtoDetectPPParseConfPorts(), ConfGet(), ConfRemove(), ConfSetIfaceNode(), DatasetsInit(), DetectAddressTestConfVars(), DetectLoadCompleteSigPath(), DetectPortTestConfVars(), DetectTemplateRustBufferRegister(), FlowInitFlowProto(), JsonBitTorrentDHTLogRegister(), JsonPgsqlLogRegister(), JsonTemplateLogRegister(), PcapLogProfileSetup(), RegisterMQTTParsers(), RunModeInitializeOutputs(), RunModeInitializeThreadSettings(), SCLogLoadConfig(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), SCProfilingSghsGlobalInit(), and StreamTcpInitConfig().
◆ ConfGetRootNode()
| ConfNode* ConfGetRootNode | ( | void | ) |
◆ ConfInit()
| void ConfInit | ( | void | ) |
Initialize the configuration system.
Definition at line 120 of file conf.c.
Referenced by InitGlobal().
◆ ConfLoadCompleteIncludePath()
| char* ConfLoadCompleteIncludePath | ( | const char * | file | ) |
Create the path for an include entry.
- Parameters
-
file The name of the file
- Return values
-
str Pointer to the string path + sig_file
Definition at line 873 of file conf.c.
References ConfGet(), PathIsRelative(), SCLogDebug, SCMalloc, SCStrdup, strlcat(), strlcpy(), and unlikely.
◆ ConfNodeChildValueIsTrue()
| int ConfNodeChildValueIsTrue | ( | const ConfNode * | node, |
| const char * | key | ||
| ) |
Test if a configuration node has a true value.
- Parameters
-
node The parent configuration node. name The name of the child node to test.
- Return values
-
1 if the child node has a true value, otherwise 0 is returned, even if the child node does not exist.
Definition at line 859 of file conf.c.
References ConfNodeLookupChildValue(), and ConfValIsTrue().
Referenced by HttpXFFGetCfg(), PcapLogProfileSetup(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), and SCProfilingSghsGlobalInit().
◆ ConfNodeDump()
| void ConfNodeDump | ( | const ConfNode * | node, |
| const char * | prefix | ||
| ) |
Dump a configuration node and all its children.
Definition at line 721 of file conf.c.
References ConfNode_::name, next, SCStrdup, TAILQ_FOREACH, and unlikely.
Referenced by ConfDump().
◆ ConfNodeFree()
| void ConfNodeFree | ( | ConfNode * | node | ) |
Free a ConfNode and all of its children.
- Parameters
-
node The configuration node to SCFree.
Definition at line 157 of file conf.c.
References ConfNodeFree(), ConfNode_::name, next, SCFree, TAILQ_FIRST, TAILQ_REMOVE, and ConfNode_::val.
Referenced by ConfNodeFree(), ConfNodeGetNodeOrCreate(), and ConfNodeRemove().
◆ ConfNodeGetNodeOrCreate()
Helper function to get a node, creating it if it does not exist.
This function exits on memory failure as creating configuration nodes is usually part of application initialization.
- Parameters
-
parent The node to use as the parent name The name of the configuration node to get. final Flag to set created nodes as final or not.
- Return values
-
The existing configuration node if it exists, or a newly created node for the provided name. On error, NULL will be returned.
Definition at line 66 of file conf.c.
References ConfNodeFree(), ConfNodeLookupChild(), ConfNodeNew(), ConfNode_::final, ConfNode_::name, next, NODE_NAME_MAX, ConfNode_::parent, SCLogError, SCLogWarning, SCStrdup, strlcpy(), TAILQ_INSERT_TAIL, and unlikely.
◆ ConfNodeHasChildren()
| bool ConfNodeHasChildren | ( | const ConfNode * | node | ) |
Check if a node has any children.
Checks if the provided node has any children. Any node that is a YAML map or array will have children.
- Parameters
-
node The node to check.
- Return values
-
true if node has children false if node does not have children
Definition at line 767 of file conf.c.
References TAILQ_EMPTY.
◆ ConfNodeIsSequence()
| int ConfNodeIsSequence | ( | const ConfNode * | node | ) |
Check if a node is a sequence or node.
- Parameters
-
node the node to check.
- Returns
- 1 if node is a sequence, otherwise 0.
Definition at line 946 of file conf.c.
References ConfNode_::is_seq.
◆ ConfNodeLookupChild()
Lookup a child configuration node by name.
Given a ConfNode this function will lookup an immediate child ConfNode by name and return the child ConfNode.
- Parameters
-
node The parent configuration node. name The name of the child node to lookup.
- Return values
-
A pointer the child ConfNode if found otherwise NULL.
Definition at line 786 of file conf.c.
References ConfNode_::name, next, and TAILQ_FOREACH.
Referenced by AppLayerProtoDetectPPParseConfPorts(), ConfNodeGetNodeOrCreate(), ConfNodeLookupChildValue(), FileForceHashParseCfg(), FlowInitFlowProto(), HttpXFFGetCfg(), OutputEmailInitConf(), and SCConfLogOpenGeneric().
◆ ConfNodeLookupChildValue()
| const char* ConfNodeLookupChildValue | ( | const ConfNode * | node, |
| const char * | name | ||
| ) |
Lookup the value of a child configuration node by name.
Given a parent ConfNode this function will return the value of a child configuration node by name returning a reference to that value.
- Parameters
-
node The parent configuration node. name The name of the child node to lookup.
- Return values
-
A pointer the child ConfNodes value if found otherwise NULL.
Definition at line 814 of file conf.c.
References ConfNodeLookupChild(), and ConfNode_::val.
Referenced by ConfNodeChildValueIsTrue(), FileForceHashParseCfg(), FlowInitFlowProto(), HttpXFFGetCfg(), LogHttpLogInitCtx(), LogTcpDataLogInitCtx(), OutputEmailInitConf(), OutputJsonInitCtx(), SCConfLogOpenGeneric(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), and SCProfilingSghsGlobalInit().
◆ ConfNodeLookupKeyValue()
◆ ConfNodeNew()
| ConfNode* ConfNodeNew | ( | void | ) |
Allocate a new configuration node.
- Return values
-
An allocated configuration node on success, NULL on failure.
Definition at line 139 of file conf.c.
References SCCalloc, TAILQ_INIT, and unlikely.
Referenced by ConfNodeGetNodeOrCreate().
◆ ConfNodePrune()
| void ConfNodePrune | ( | ConfNode * | node | ) |
Prune a configuration node.
Pruning a configuration is similar to freeing, but only fields that may be overridden are, leaving final type parameters. Additional the value of the provided node is also free'd, but the node itself is left.
- Parameters
-
node The configuration node to prune.
Definition at line 914 of file conf.c.
References ConfNodePrune(), ConfNode_::final, ConfNode_::name, next, SCFree, TAILQ_EMPTY, TAILQ_FIRST, TAILQ_NEXT, TAILQ_REMOVE, and ConfNode_::val.
Referenced by ConfNodePrune().
◆ ConfNodeRemove()
| void ConfNodeRemove | ( | ConfNode * | node | ) |
Remove (and SCFree) the provided configuration node.
Definition at line 639 of file conf.c.
References ConfNodeFree(), next, ConfNode_::parent, and TAILQ_REMOVE.
Referenced by ConfRemove().
◆ ConfRegisterTests()
| void ConfRegisterTests | ( | void | ) |
Definition at line 1492 of file conf.c.
References UtRegisterTest().
◆ ConfRemove()
| int ConfRemove | ( | const char * | name | ) |
Remove a configuration parameter from the configuration db.
- Parameters
-
name The name of the configuration parameter to remove.
- Return values
-
Returns 1 if the parameter was removed, otherwise 0 is returned most likely indicating the parameter was not set.
Definition at line 654 of file conf.c.
References ConfGetNode(), and ConfNodeRemove().
◆ ConfRestoreContextBackup()
| void ConfRestoreContextBackup | ( | void | ) |
◆ ConfSet()
| int ConfSet | ( | const char * | name, |
| const char * | val | ||
| ) |
Set a configuration value.
Configuration values set with this function may be overridden by subsequent calls, or if the value appears multiple times in a configuration file.
- Parameters
-
name The name of the configuration parameter to set. val The value of the configuration parameter.
- Return values
-
1 if the value was set otherwise 0.
Definition at line 224 of file conf.c.
Referenced by ConfSetFromString(), and PostConfLoadedSetup().
◆ ConfSetFinal()
| int ConfSetFinal | ( | const char * | name, |
| const char * | val | ||
| ) |
Set a final configuration value.
A final configuration value is a value that cannot be overridden by the configuration file. Its mainly useful for setting values that are supplied on the command line prior to the configuration file being loaded. However, a subsequent call to this function can override a previously set value.
- Parameters
-
name The name of the configuration parameter to set. val The value of the configuration parameter.
- Return values
-
1 if the value was set otherwise 0.
Definition at line 303 of file conf.c.
Referenced by ConfigSetDataDirectory(), ConfigSetLogDirectory(), and ConfSetFromString().
◆ ConfSetFromString()
| int ConfSetFromString | ( | const char * | input, |
| int | final | ||
| ) |
Set a configuration parameter from a string.
Where the input string is something like: stream.midstream=true
- Parameters
-
input the input string to be parsed.
- Return values
-
1 if the value of set, otherwise 0.
Definition at line 249 of file conf.c.
References ConfSet(), ConfSetFinal(), SCFree, SCStrdup, and unlikely.
◆ ConfSetIfaceNode()
| ConfNode* ConfSetIfaceNode | ( | const char * | ifaces_node_name, |
| const char * | iface | ||
| ) |
Finds an interface from the list of interfaces.
- Parameters
-
ifaces_node_name - name of the node which holds a list of interfaces iface - interfaces name
- Returns
- NULL on failure otherwise a valid pointer
Definition at line 957 of file conf.c.
References ConfFindDeviceConfig(), ConfGetNode(), SCLogError, and SCLogNotice.
Referenced by ConfSetRootAndDefaultNodes().
◆ ConfSetRootAndDefaultNodes()
| int ConfSetRootAndDefaultNodes | ( | const char * | ifaces_node_name, |
| const char * | iface, | ||
| ConfNode ** | if_root, | ||
| ConfNode ** | if_default | ||
| ) |
Finds and sets root and default node of the interface.
- Parameters
-
ifaces_node_name Node which holds list of interfaces iface Name of the interface e.g. eth3 if_root Node which will hold the interface configuration if_default Node which is the default configuration in the given list of interfaces
- Returns
- 0 on success, -ENODEV when neither the root interface nor the default interface was found
Definition at line 983 of file conf.c.
References ConfSetIfaceNode(), and SCLogError.
◆ ConfValIsFalse()
| int ConfValIsFalse | ( | const char * | val | ) |
Check if a value is false.
The value is considered false if it is a string with the value of 0, no, false or off. The test is not case sensitive, any other value is not false.
- Parameters
-
val The string to test for a false value.
- Return values
-
1 If the value is false, 0 if not.
Definition at line 562 of file conf.c.
Referenced by AppLayerParserConfParserEnabled(), AppLayerProtoDetectConfProtoDetectionEnabledDefault(), and SCConfLogOpenGeneric().
◆ ConfValIsTrue()
| int ConfValIsTrue | ( | const char * | val | ) |
Check if a value is true.
The value is considered true if it is a string with the value of 1, yes, true or on. The test is not case sensitive, any other value is false.
- Parameters
-
val The string to test for a true value.
- Return values
-
1 If the value is true, 0 if not.
Definition at line 537 of file conf.c.
Referenced by AppLayerParserConfParserEnabled(), AppLayerProtoDetectConfProtoDetectionEnabledDefault(), ConfGetBool(), ConfNodeChildValueIsTrue(), ConfUnixSocketIsEnable(), FileForceHashParseCfg(), LogHttpLogInitCtx(), and OutputEmailInitConf().
