#include "suricata-common.h"#include "conf.h"#include "util-unittest.h"#include "util-debug.h"#include "util-path.h"
Go to the source code of this file.
Macros | |
| #define | NODE_NAME_MAX 1024 |
Functions | |
| void | ConfInit (void) |
| Initialize the configuration system. More... | |
| ConfNode * | ConfNodeNew (void) |
| Allocate a new configuration node. More... | |
| void | ConfNodeFree (ConfNode *node) |
| Free a ConfNode and all of its children. More... | |
| ConfNode * | ConfGetNode (const char *name) |
| Get a ConfNode by name. More... | |
| ConfNode * | ConfGetRootNode (void) |
| Get the root configuration node. More... | |
| int | ConfSet (const char *name, const char *val) |
| Set a configuration value. More... | |
| int | ConfSetFromString (const char *input, int final) |
| Set a configuration parameter from a string. More... | |
| int | ConfSetFinal (const char *name, const char *val) |
| Set a final configuration value. More... | |
| int | ConfGet (const char *name, const char **vptr) |
| Retrieve the value of a configuration node. More... | |
| int | ConfGetValue (const char *name, const char **vptr) |
| Retrieve the value of a configuration node. More... | |
| int | ConfGetChildValue (const ConfNode *base, const char *name, const char **vptr) |
| ConfNode * | ConfGetChildWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name) |
| int | ConfGetChildValueWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name, const char **vptr) |
| int | ConfGetInt (const char *name, intmax_t *val) |
| Retrieve a configuration value as an integer. More... | |
| int | ConfGetChildValueInt (const ConfNode *base, const char *name, intmax_t *val) |
| int | ConfGetChildValueIntWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name, intmax_t *val) |
| int | ConfGetBool (const char *name, int *val) |
| Retrieve a configuration value as an boolen. More... | |
| int | ConfGetChildValueBool (const ConfNode *base, const char *name, int *val) |
| int | ConfGetChildValueBoolWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name, int *val) |
| int | ConfValIsTrue (const char *val) |
| Check if a value is true. More... | |
| int | ConfValIsFalse (const char *val) |
| Check if a value is false. More... | |
| int | ConfGetDouble (const char *name, double *val) |
| Retrieve a configuration value as a double. More... | |
| int | ConfGetFloat (const char *name, float *val) |
| Retrieve a configuration value as a float. More... | |
| void | ConfNodeRemove (ConfNode *node) |
| Remove (and SCFree) the provided configuration node. More... | |
| int | ConfRemove (const char *name) |
| Remove a configuration parameter from the configuration db. More... | |
| void | ConfCreateContextBackup (void) |
| Creates a backup of the conf_hash hash_table used by the conf API. More... | |
| void | ConfRestoreContextBackup (void) |
| Restores the backup of the hash_table present in backup_conf_hash back to conf_hash. More... | |
| void | ConfDeInit (void) |
| De-initializes the configuration system. More... | |
| void | ConfNodeDump (const ConfNode *node, const char *prefix) |
| Dump a configuration node and all its children. More... | |
| void | ConfDump (void) |
| Dump configuration to stdout. More... | |
| bool | ConfNodeHasChildren (const ConfNode *node) |
| Check if a node has any children. More... | |
| ConfNode * | ConfNodeLookupChild (const ConfNode *node, const char *name) |
| Lookup a child configuration node by name. More... | |
| const char * | ConfNodeLookupChildValue (const ConfNode *node, const char *name) |
| Lookup the value of a child configuration node by name. More... | |
| ConfNode * | ConfNodeLookupKeyValue (const ConfNode *base, const char *key, const char *value) |
| Lookup for a key value under a specific node. More... | |
| int | ConfNodeChildValueIsTrue (const ConfNode *node, const char *key) |
| Test if a configuration node has a true value. More... | |
| char * | ConfLoadCompleteIncludePath (const char *file) |
| Create the path for an include entry. More... | |
| void | ConfNodePrune (ConfNode *node) |
| Prune a configuration node. More... | |
| int | ConfNodeIsSequence (const ConfNode *node) |
| Check if a node is a sequence or node. More... | |
| void | ConfRegisterTests (void) |
Detailed Description
This file provides a basic configuration system for the IDPS engine.
NOTE: Setting values should only be done from one thread during engine initialization. Multiple threads should be able access read configuration data. Allowing run time changes to the configuration will require some locks.
- Todo:
- Consider having the in-memory configuration database a direct reflection of the configuration file and moving command line parameters to a primary lookup table?
- Todo:
- Get rid of allow override and go with a simpler first set, stays approach?
Definition in file conf.c.
Macro Definition Documentation
◆ NODE_NAME_MAX
| #define NODE_NAME_MAX 1024 |
Function Documentation
◆ ConfCreateContextBackup()
| void ConfCreateContextBackup | ( | void | ) |
◆ ConfDeInit()
| void ConfDeInit | ( | void | ) |
◆ ConfDump()
| void ConfDump | ( | void | ) |
Dump configuration to stdout.
Definition at line 779 of file conf.c.
References ConfNodeDump().
◆ ConfGet()
| int ConfGet | ( | const char * | name, |
| const char ** | vptr | ||
| ) |
Retrieve the value of a configuration node.
This function will return the value for a configuration node based on the full name of the node. It is possible that the value returned could be NULL, this could happen if the requested node does exist but is not a node that contains a value, but contains children ConfNodes instead.
- Parameters
-
name Name of configuration parameter to get. vptr Pointer that will be set to the configuration value parameter. Note that this is just a reference to the actual value, not a copy.
- Return values
-
1 will be returned if the name is found, otherwise 0 will be returned.
Definition at line 330 of file conf.c.
References ConfGetNode(), SCLogDebug, and ConfNode_::val.
Referenced by ConfGetDouble(), ConfGetFloat(), ConfGetInt(), ConfigGetDataDirectory(), ConfigGetLogDirectory(), ConfLoadCompleteIncludePath(), ConfUnixSocketIsEnable(), CoredumpLoadConfig(), DetectLoadCompleteSigPath(), FlowInitConfig(), HTPParseMemcap(), NFQInitConfig(), OutputJsonInitCtx(), PatternMatchDefaultMatcher(), PostConfLoadedSetup(), RunModeDispatch(), RunModeErfFileAutoFp(), RunModeErfFileSingle(), RunModeFilePcapAutoFp(), RunModeFilePcapSingle(), RunModeIdsAFPAutoFp(), RunModeIdsAFPSingle(), RunModeIdsAFPWorkers(), RunModeIdsNetmapAutoFp(), RunModeIdsNetmapSingle(), RunModeIdsNetmapWorkers(), RunModeIdsPcapAutoFp(), RunModeIdsPcapSingle(), RunModeIdsPcapWorkers(), SCLogLoadConfig(), SCRuleVarsGetConfVar(), SinglePatternMatchDefaultMatcher(), and TmqhFlowRegister().
◆ ConfGetBool()
| int ConfGetBool | ( | const char * | name, |
| int * | val | ||
| ) |
Retrieve a configuration value as an boolen.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an int that will be set to 1 for true, or 0 for false.
- Return values
-
1 will be returned if the name is found and was properly converted to a boolean, otherwise 0 will be returned.
Definition at line 516 of file conf.c.
References ConfGetValue(), and ConfValIsTrue().
Referenced by DecodeERSPANConfig(), DecodeGeneveConfig(), DecodeTeredoConfig(), DecodeVXLANConfig(), NapatechGetStreamConfig(), NapatechPacketLoop(), NFQInitConfig(), PostConfLoadedSetup(), RunModeInitialize(), and StreamTcpInitConfig().
◆ ConfGetChildValue()
| int ConfGetChildValue | ( | const ConfNode * | base, |
| const char * | name, | ||
| const char ** | vptr | ||
| ) |
Definition at line 387 of file conf.c.
References ConfNodeLookupChild(), SCLogDebug, and ConfNode_::val.
Referenced by ConfGetChildValueBool(), ConfGetChildValueInt(), and ConfGetChildValueWithDefault().
◆ ConfGetChildValueBool()
| int ConfGetChildValueBool | ( | const ConfNode * | base, |
| const char * | name, | ||
| int * | val | ||
| ) |
Definition at line 529 of file conf.c.
References ConfGetChildValue(), and ConfValIsTrue().
Referenced by ConfGetChildValueBoolWithDefault().
◆ ConfGetChildValueBoolWithDefault()
| int ConfGetChildValueBoolWithDefault | ( | const ConfNode * | base, |
| const ConfNode * | dflt, | ||
| const char * | name, | ||
| int * | val | ||
| ) |
Definition at line 542 of file conf.c.
References ConfGetChildValueBool().
◆ ConfGetChildValueInt()
| int ConfGetChildValueInt | ( | const ConfNode * | base, |
| const char * | name, | ||
| intmax_t * | val | ||
| ) |
Definition at line 468 of file conf.c.
References ConfGetChildValue(), ConfNode_::name, SC_ERR_INVALID_YAML_CONF_ENTRY, and SCLogError.
Referenced by ConfGetChildValueIntWithDefault().
◆ ConfGetChildValueIntWithDefault()
| int ConfGetChildValueIntWithDefault | ( | const ConfNode * | base, |
| const ConfNode * | dflt, | ||
| const char * | name, | ||
| intmax_t * | val | ||
| ) |
Definition at line 494 of file conf.c.
References ConfGetChildValueInt().
◆ ConfGetChildValueWithDefault()
| int ConfGetChildValueWithDefault | ( | const ConfNode * | base, |
| const ConfNode * | dflt, | ||
| const char * | name, | ||
| const char ** | vptr | ||
| ) |
Definition at line 415 of file conf.c.
References ConfGetChildValue().
Referenced by AFPRunModeIsIPS().
◆ ConfGetChildWithDefault()
| ConfNode* ConfGetChildWithDefault | ( | const ConfNode * | base, |
| const ConfNode * | dflt, | ||
| const char * | name | ||
| ) |
Definition at line 401 of file conf.c.
References ConfNodeLookupChild().
◆ ConfGetDouble()
| int ConfGetDouble | ( | const char * | name, |
| double * | val | ||
| ) |
Retrieve a configuration value as a double.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an double that will be set the configuration value.
- Return values
-
1 will be returned if the name is found and was properly converted to a double, otherwise 0 will be returned.
Definition at line 614 of file conf.c.
References ConfGet().
◆ ConfGetFloat()
| int ConfGetFloat | ( | const char * | name, |
| float * | val | ||
| ) |
Retrieve a configuration value as a float.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an float that will be set the configuration value.
- Return values
-
1 will be returned if the name is found and was properly converted to a double, otherwise 0 will be returned.
Definition at line 644 of file conf.c.
References ConfGet().
Referenced by RunModeInitialize().
◆ ConfGetInt()
| int ConfGetInt | ( | const char * | name, |
| intmax_t * | val | ||
| ) |
Retrieve a configuration value as an integer.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an intmax_t that will be set the configuration value.
- Return values
-
1 will be returned if the name is found and was properly converted to an interger, otherwise 0 will be returned.
Definition at line 436 of file conf.c.
References ConfGet(), SC_ERR_INVALID_YAML_CONF_ENTRY, and SCLogError.
Referenced by DecodeGlobalConfig(), DefragInit(), DetectLoadersInit(), FlowInitConfig(), FlowManagerThreadSpawn(), FlowRecyclerThreadSpawn(), NFQInitConfig(), SCProfilingInit(), and StreamTcpInitConfig().
◆ ConfGetNode()
| ConfNode* ConfGetNode | ( | const char * | name | ) |
Get a ConfNode by name.
- Parameters
-
name The full name of the configuration node to lookup.
- Return values
-
A pointer to ConfNode is found or NULL if the configuration node does not exist.
Definition at line 175 of file conf.c.
Referenced by ActionInitConfig(), AFPRunModeIsIPS(), AppLayerParserConfParserEnabled(), AppLayerProtoDetectConfProtoDetectionEnabled(), AppLayerProtoDetectPPParseConfPorts(), ConfGet(), ConfGetValue(), ConfRemove(), DatasetsInit(), DetectAddressTestConfVars(), DetectPortTestConfVars(), DetectTemplateBufferRegister(), DetectTemplateRustBufferRegister(), FlowInitFlowProto(), JsonTemplateLogRegister(), JsonTemplateRustLogRegister(), LiveBuildDeviceListCustom(), PcapLogProfileSetup(), RegisterMQTTParsers(), RegisterTemplateParsers(), RegisterTemplateRustParsers(), RunModeInitialize(), RunModeInitializeOutputs(), SCLogLoadConfig(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), SCProfilingRulesGlobalInit(), SCProfilingSghsGlobalInit(), SetupRuleAnalyzer(), and StreamTcpInitConfig().
◆ ConfGetRootNode()
| ConfNode* ConfGetRootNode | ( | void | ) |
◆ ConfGetValue()
| int ConfGetValue | ( | const char * | name, |
| const char ** | vptr | ||
| ) |
Retrieve the value of a configuration node.
This function will return the value for a configuration node based on the full name of the node. This function notifies if vptr returns NULL or if name is set to NULL.
- Parameters
-
name Name of configuration parameter to get. vptr Pointer that will be set to the configuration value parameter. Note that this is just a reference to the actual value, not a copy.
- Return values
-
0 will be returned if name was not found, 1 will be returned if the name and it's value was found, -1 if the value returns NULL, -2 if name is NULL.
Definition at line 359 of file conf.c.
References ConfGetNode(), SC_ERR_INVALID_ARGUMENT, SCLogDebug, SCLogError, and ConfNode_::val.
Referenced by ConfGetBool(), PostConfLoadedSetup(), and StreamTcpInitConfig().
◆ ConfInit()
| void ConfInit | ( | void | ) |
Initialize the configuration system.
Definition at line 113 of file conf.c.
Referenced by InitGlobal().
◆ ConfLoadCompleteIncludePath()
| char* ConfLoadCompleteIncludePath | ( | const char * | file | ) |
Create the path for an include entry.
- Parameters
-
file The name of the file
- Return values
-
str Pointer to the string path + sig_file
Definition at line 901 of file conf.c.
References ConfGet(), PathIsRelative(), SCLogDebug, SCMalloc, SCStrdup, strlcat(), strlcpy(), and unlikely.
◆ ConfNodeChildValueIsTrue()
| int ConfNodeChildValueIsTrue | ( | const ConfNode * | node, |
| const char * | key | ||
| ) |
Test if a configuration node has a true value.
- Parameters
-
node The parent configuration node. name The name of the child node to test.
- Return values
-
1 if the child node has a true value, otherwise 0 is returned, even if the child node does not exist.
Definition at line 887 of file conf.c.
References ConfNodeLookupChildValue(), and ConfValIsTrue().
Referenced by HttpXFFGetCfg(), PcapLogProfileSetup(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), SCProfilingRulesGlobalInit(), and SCProfilingSghsGlobalInit().
◆ ConfNodeDump()
| void ConfNodeDump | ( | const ConfNode * | node, |
| const char * | prefix | ||
| ) |
Dump a configuration node and all its children.
Definition at line 749 of file conf.c.
References ConfNode_::name, next, SCStrdup, TAILQ_FOREACH, and unlikely.
Referenced by ConfDump().
◆ ConfNodeFree()
| void ConfNodeFree | ( | ConfNode * | node | ) |
Free a ConfNode and all of its children.
- Parameters
-
node The configuration node to SCFree.
Definition at line 151 of file conf.c.
References ConfNodeFree(), ConfNode_::name, next, SCFree, TAILQ_FIRST, TAILQ_REMOVE, and ConfNode_::val.
Referenced by ConfNodeFree(), and ConfNodeRemove().
◆ ConfNodeHasChildren()
| bool ConfNodeHasChildren | ( | const ConfNode * | node | ) |
Check if a node has any children.
Checks if the provided node has any children. Any node that is a YAML map or array will have children.
- Parameters
-
node The node to check.
- Return values
-
true if node has children false if node does not have children
Definition at line 795 of file conf.c.
References TAILQ_EMPTY.
◆ ConfNodeIsSequence()
| int ConfNodeIsSequence | ( | const ConfNode * | node | ) |
Check if a node is a sequence or node.
- Parameters
-
node the node to check.
- Returns
- 1 if node is a seuence, otherwise 0.
Definition at line 974 of file conf.c.
References ConfNode_::is_seq.
◆ ConfNodeLookupChild()
Lookup a child configuration node by name.
Given a ConfNode this function will lookup an immediate child ConfNode by name and return the child ConfNode.
- Parameters
-
node The parent configuration node. name The name of the child node to lookup.
- Return values
-
A pointer the child ConfNode if found otherwise NULL.
Definition at line 814 of file conf.c.
References ConfNode_::name, next, and TAILQ_FOREACH.
Referenced by AppLayerProtoDetectPPParseConfPorts(), ConfGetChildValue(), ConfGetChildWithDefault(), ConfNodeLookupChildValue(), FileForceHashParseCfg(), FlowInitFlowProto(), HttpXFFGetCfg(), and OutputEmailInitConf().
◆ ConfNodeLookupChildValue()
| const char* ConfNodeLookupChildValue | ( | const ConfNode * | node, |
| const char * | name | ||
| ) |
Lookup the value of a child configuration node by name.
Given a parent ConfNode this function will return the value of a child configuration node by name returning a reference to that value.
- Parameters
-
node The parent configuration node. name The name of the child node to lookup.
- Return values
-
A pointer the child ConfNodes value if found otherwise NULL.
Definition at line 842 of file conf.c.
References ConfNodeLookupChild(), and ConfNode_::val.
Referenced by ConfNodeChildValueIsTrue(), FileForceHashParseCfg(), FlowInitFlowProto(), HttpXFFGetCfg(), LogHttpLogInitCtx(), LogTcpDataLogInitCtx(), OutputEmailInitConf(), OutputJsonInitCtx(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), SCProfilingRulesGlobalInit(), SCProfilingSghsGlobalInit(), and SetupRuleAnalyzer().
◆ ConfNodeLookupKeyValue()
Lookup for a key value under a specific node.
- Returns
- the ConfNode matching or NULL
Definition at line 859 of file conf.c.
References ConfNode_::name, next, TAILQ_FOREACH, and ConfNode_::val.
Referenced by AFPRunModeIsIPS().
◆ ConfNodeNew()
| ConfNode* ConfNodeNew | ( | void | ) |
Allocate a new configuration node.
- Return values
-
An allocated configuration node on success, NULL on failure.
Definition at line 133 of file conf.c.
References SCCalloc, TAILQ_INIT, and unlikely.
◆ ConfNodePrune()
| void ConfNodePrune | ( | ConfNode * | node | ) |
Prune a configuration node.
Pruning a configuration is similar to freeing, but only fields that may be overridden are, leaving final type parameters. Additional the value of the provided node is also free'd, but the node itself is left.
- Parameters
-
node The configuration node to prune.
Definition at line 942 of file conf.c.
References ConfNodePrune(), ConfNode_::final, ConfNode_::name, next, SCFree, TAILQ_EMPTY, TAILQ_FIRST, TAILQ_NEXT, TAILQ_REMOVE, and ConfNode_::val.
Referenced by ConfNodePrune().
◆ ConfNodeRemove()
| void ConfNodeRemove | ( | ConfNode * | node | ) |
Remove (and SCFree) the provided configuration node.
Definition at line 667 of file conf.c.
References ConfNodeFree(), next, ConfNode_::parent, and TAILQ_REMOVE.
Referenced by ConfRemove().
◆ ConfRegisterTests()
| void ConfRegisterTests | ( | void | ) |
Definition at line 1466 of file conf.c.
References UtRegisterTest().
◆ ConfRemove()
| int ConfRemove | ( | const char * | name | ) |
Remove a configuration parameter from the configuration db.
- Parameters
-
name The name of the configuration parameter to remove.
- Return values
-
Returns 1 if the parameter was removed, otherwise 0 is returned most likely indicating the parameter was not set.
Definition at line 682 of file conf.c.
References ConfGetNode(), and ConfNodeRemove().
◆ ConfRestoreContextBackup()
| void ConfRestoreContextBackup | ( | void | ) |
◆ ConfSet()
| int ConfSet | ( | const char * | name, |
| const char * | val | ||
| ) |
Set a configuration value.
Configuration values set with this function may be overridden by subsequent calls, or if the value appears multiple times in a configuration file.
- Parameters
-
name The name of the configuration parameter to set. val The value of the configuration parameter.
- Return values
-
1 if the value was set otherwise 0.
Definition at line 219 of file conf.c.
Referenced by ConfSetFromString(), and PostConfLoadedSetup().
◆ ConfSetFinal()
| int ConfSetFinal | ( | const char * | name, |
| const char * | val | ||
| ) |
Set a final configuration value.
A final configuration value is a value that cannot be overridden by the configuration file. Its mainly useful for setting values that are supplied on the command line prior to the configuration file being loaded. However, a subsequent call to this function can override a previously set value.
- Parameters
-
name The name of the configuration parameter to set. val The value of the configuration parameter.
- Return values
-
1 if the value was set otherwise 0.
Definition at line 298 of file conf.c.
Referenced by ConfigSetDataDirectory(), ConfigSetLogDirectory(), and ConfSetFromString().
◆ ConfSetFromString()
| int ConfSetFromString | ( | const char * | input, |
| int | final | ||
| ) |
Set a configuration parameter from a string.
Where the input string is something like: stream.midstream=true
- Parameters
-
input the input string to be parsed.
- Return values
-
1 if the value of set, otherwise 0.
Definition at line 244 of file conf.c.
References ConfSet(), ConfSetFinal(), SCFree, SCStrdup, and unlikely.
◆ ConfValIsFalse()
| int ConfValIsFalse | ( | const char * | val | ) |
Check if a value is false.
The value is considered false if it is a string with the value of 0, no, false or off. The test is not case sensitive, any other value is not false.
- Parameters
-
val The string to test for a false value.
- Return values
-
1 If the value is false, 0 if not.
Definition at line 590 of file conf.c.
Referenced by AppLayerParserConfParserEnabled(), and AppLayerProtoDetectConfProtoDetectionEnabled().
◆ ConfValIsTrue()
| int ConfValIsTrue | ( | const char * | val | ) |
Check if a value is true.
The value is considered true if it is a string with the value of 1, yes, true or on. The test is not case sensitive, any other value is false.
- Parameters
-
val The string to test for a true value.
- Return values
-
1 If the value is true, 0 if not.
Definition at line 565 of file conf.c.
Referenced by AppLayerParserConfParserEnabled(), AppLayerProtoDetectConfProtoDetectionEnabled(), ConfGetBool(), ConfGetChildValueBool(), ConfNodeChildValueIsTrue(), ConfUnixSocketIsEnable(), FileForceHashParseCfg(), LogHttpLogInitCtx(), OutputEmailInitConf(), and SetupRuleAnalyzer().
