1 /*
2  * This program is free software; you can redistribute it and/or modify
3  * it under the terms of the GNU General Public License Version 2 as
4  * published by the Free Software Foundation.  You may not use, modify or
5  * distribute this program under any other version of the GNU General
6  * Public License.
7  *
8  * This program is distributed in the hope that it will be useful,
9  * but WITHOUT ANY WARRANTY; without even the implied warranty of
10  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
11  * GNU General Public License for more details.
12  *
13  * You should have received a copy of the GNU General Public License
14  * along with this program; if not, write to the Free Software
15  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
16  *
17  * Copyright (C) 2014-2021 Cisco and/or its affiliates. All rights reserved.
18  * Copyright (C) 2005-2013 Sourcefire, Inc.
19  *
20  * Author: Steven Sturges
21  *
22  * Dynamic Library Loading for Snort
23  *
24  */
25 #ifndef _SF_DYNAMIC_PREPROCESSOR_H_
26 #define _SF_DYNAMIC_PREPROCESSOR_H_
27 
28 #include <ctype.h>
29 #ifdef SF_WCHAR
30 #include <wchar.h>
31 #endif
32 #include "sf_dynamic_meta.h"
33 #include "ipv6_port.h"
34 #include "obfuscation.h"
35 #include "memory_stats.h"
36 
37 /* specifies that a function does not return
38  * used for quieting Visual Studio warnings
39  */
40 #ifdef WIN32
41 #if _MSC_VER >= 1400
42 #define NORETURN __declspec(noreturn)
43 #else
44 #define NORETURN
45 #endif
46 #else
47 #define NORETURN
48 #endif
49 
50 #ifdef PERF_PROFILING
51 #ifndef PROFILE_PREPROCS_NOREDEF /* Don't redefine this from the main area */
52 #ifdef PROFILING_PREPROCS
53 #undef PROFILING_PREPROCS
54 #endif
55 #define PROFILING_PREPROCS _dpd.profilingPreprocsFunc()
56 #endif
57 #endif
58 
59 #define PREPROCESSOR_DATA_VERSION 28
60 
61 #include "sf_dynamic_common.h"
62 #include "sf_dynamic_engine.h"
63 #include "session_api.h"
64 #include "stream_api.h"
65 #include "str_search.h"
66 #include "obfuscation.h"
67 /*#include "sfportobject.h" */
68 #include "sfcontrol.h"
69 #ifdef SIDE_CHANNEL
70 #include "sidechannel_define.h"
71 #endif
72 #include "idle_processing.h"
73 #include "file_api.h"
74 #include "reload_api.h"
75 
76 struct _PreprocStats;
77 
78 #define MINIMUM_DYNAMIC_PREPROC_ID 10000
79 typedef void (*PreprocessorInitFunc)(struct _SnortConfig *, char *);
80 typedef void * (*AddPreprocFunc)(struct _SnortConfig *, void (*pp_func)(void *, void *), uint16_t, uint32_t, uint32_t);
81 typedef void * (*AddMetaEvalFunc)(struct _SnortConfig *, void (*meta_eval_func)(int, const uint8_t *),
82                                   uint16_t priority, uint32_t preproc_id);
83 typedef void (*AddPreprocExit)(void (*pp_exit_func) (int, void *), void *arg, uint16_t, uint32_t);
84 typedef void (*AddPreprocUnused)(void (*pp_unused_func) (int, void *), void *arg, uint16_t, uint32_t);
85 typedef void (*AddPreprocConfCheck)(struct _SnortConfig *, int (*pp_conf_chk_func) (struct _SnortConfig *));
86 typedef void (*AddToPostConfList)(struct _SnortConfig *sc, void (*post_config_func)(struct _SnortConfig *, int , void *), void *arg);
87 typedef int (*AlertQueueAdd)(uint32_t, uint32_t, uint32_t,
88                              uint32_t, uint32_t, const char *, void *);
89 typedef uint32_t (*GenSnortEvent)(Packet *p, uint32_t gid, uint32_t sid, uint32_t rev,
90                                   uint32_t classification, uint32_t priority, const char *msg);
91 #ifdef SNORT_RELOAD
92 typedef void (*PreprocessorReloadFunc)(struct _SnortConfig *, char *, void **);
93 typedef int (*PreprocessorReloadVerifyFunc)(struct _SnortConfig *, void *);
94 typedef void * (*PreprocessorReloadSwapFunc)(struct _SnortConfig *, void *);
95 typedef void (*PreprocessorReloadSwapFreeFunc)(void *);
96 #endif
97 
98 #ifndef SNORT_RELOAD
99 typedef void (*PreprocRegisterFunc)(const char *, PreprocessorInitFunc);
100 #else
101 typedef void (*PreprocRegisterFunc)(const char *, PreprocessorInitFunc,
102                                     PreprocessorReloadFunc,
103                                     PreprocessorReloadVerifyFunc,
104                                     PreprocessorReloadSwapFunc,
105                                     PreprocessorReloadSwapFreeFunc);
106 typedef void *(*GetRelatedReloadDataFunc)(struct _SnortConfig *, const char *);
107 #endif
108 typedef int (*ThresholdCheckFunc)(unsigned int, unsigned int, sfaddr_t*, sfaddr_t*, long);
109 typedef void (*InlineDropFunc)(void *);
110 typedef bool (*ActivePacketWasDroppedFunc)(void);
111 typedef bool (*InlineRetryFunc)(void *);
112 typedef void (*ActiveEnableFunc)(int);
113 typedef void (*DisableDetectFunc)(void *);
114 typedef void (*EnableDetectFunc)(void );
115 typedef int (*EnablePreprocessorFunc)(void *, uint32_t);
116 typedef int (*DetectFunc)(void *);
117 typedef void *(*GetRuleInfoByNameFunc)(char *);
118 typedef void *(*GetRuleInfoByIdFunc)(int);
119 typedef int (*printfappendfunc)(char *, int, const char *, ...);
120 typedef char ** (*TokenSplitFunc)(const char *, const char *, const int, int *, const char);
121 typedef void (*TokenFreeFunc)(char ***, int);
122 typedef void (*PreprocStatsNodeFreeFunc)(struct _PreprocStats *stats);
123 typedef void (*AddPreprocProfileFunc)(const char *, void *, int, void *, PreprocStatsNodeFreeFunc freefn);
124 typedef int (*ProfilingFunc)(void);
125 typedef int (*PreprocessFunc)(void *);
126 #ifdef DUMP_BUFFER
127 typedef void (*BufferDumpRegisterFunc)(TraceBuffer * (*)(), unsigned int);
128 #endif
129 typedef void (*PreprocStatsRegisterFunc)(const char *, void (*pp_stats_func)(int));
130 typedef void (*AddPreprocReset)(void (*pp_rst_func) (int, void *), void *arg, uint16_t, uint32_t);
131 typedef void (*AddPreprocResetStats)(void (*pp_rst_stats_func) (int, void *), void *arg, uint16_t, uint32_t);
132 typedef void (*AddPreprocReassemblyPktFunc)(void * (*pp_reass_pkt_func)(void), uint32_t);
133 typedef int (*SetPreprocReassemblyPktBitFunc)(void *, uint32_t);
134 typedef void (*DisablePreprocessorsFunc)(void *);
135 typedef char** (*DynamicGetHttpXffFieldsFunc)(int* nFields);
136 #ifdef TARGET_BASED
137 typedef int16_t (*FindProtocolReferenceFunc)(const char *);
138 typedef int16_t (*AddProtocolReferenceFunc)(const char *);
139 #if defined(FEAT_OPEN_APPID)
140 typedef const char * (*FindProtocolNameFunc)(int16_t);
141 #endif /* defined(FEAT_OPEN_APPID) */
142 typedef int (*IsAdaptiveConfiguredFunc)(void);
143 typedef int (*IsAdaptiveConfiguredForSnortConfigFunc)(struct _SnortConfig *);
144 #endif
145 typedef void (*IP6BuildFunc)(void *, const void *, int);
146 #define SET_CALLBACK_IP 0
147 #define SET_CALLBACK_ICMP_ORIG 1
148 typedef void (*IP6SetCallbacksFunc)(void *, int, char);
149 typedef void (*AddKeywordOverrideFunc)(struct _SnortConfig *, char *, char *, PreprocOptionInit,
150         PreprocOptionEval, PreprocOptionCleanup, PreprocOptionHash,
151         PreprocOptionKeyCompare, PreprocOptionOtnHandler,
152         PreprocOptionFastPatternFunc);
153 typedef void (*AddKeywordByteOrderFunc)(char *, PreprocOptionByteOrderFunc);
154 
155 typedef int (*IsPreprocEnabledFunc)(struct _SnortConfig *, uint32_t);
156 
157 typedef char * (*PortArrayFunc)(char *, PortObject *, int *);
158 
159 typedef int (*AlertQueueLog)(void *);
160 typedef void (*AlertQueueControl)(void);  /* reset, push, and pop */
161 typedef void (*SetPolicyFunc)(struct _SnortConfig *, tSfPolicyId);
162 typedef tSfPolicyId (*GetPolicyFromIdFunc)(uint16_t );
163 typedef void (*ChangePolicyFunc)(tSfPolicyId, void *p);
164 typedef void (*SetFileDataPtrFunc)(uint8_t *,uint16_t );
165 typedef void (*DetectResetFunc)(uint8_t *,uint16_t );
166 typedef void (*SetAltDecodeFunc)(uint16_t );
167 typedef void (*DetectFlagEnableFunc)(SFDetectFlagType);
168 typedef long (*DynamicStrtol)(const char *, char **, int);
169 typedef unsigned long(*DynamicStrtoul)(const char *, char **, int);
170 typedef const char* (*DynamicStrnStr)(const char *, int, const char *);
171 typedef const char* (*DynamicStrcasestr)(const char *, int, const char *);
172 typedef int (*DynamicStrncpy)(char *, const char *, size_t );
173 typedef const char* (*DynamicStrnPbrk)(const char *, int , const char *);
174 
175 typedef int (*EvalRTNFunc)(void *rtn, void *p, int check_ports);
176 
177 typedef void* (*EncodeNew)(void);
178 typedef void (*EncodeDelete)(void*);
179 typedef void (*EncodeUpdate)(void*);
180 typedef int (*EncodeFormat)(uint32_t, const void*, void*, int);
181 
182 typedef void* (*NewGrinderPktPtr)(void *, void *, uint8_t *);
183 typedef void (*DeleteGrinderPktPtr)(void*);
184 typedef bool (*PafEnabledFunc)(void);
185 typedef time_t (*SCPacketTimeFunc)(void);
186 typedef void (*SCGetPktTimeOfDay)(struct timeval *tv);
187 
188 #ifdef SIDE_CHANNEL
189 typedef bool (*SCEnabledFunc)(void);
190 typedef int (*SCRegisterRXHandlerFunc)(uint16_t type, SCMProcessMsgFunc processMsgFunc, void *data);
191 typedef int (*SCPreallocMessageTXFunc)(uint32_t length, SCMsgHdr **hdr, uint8_t **msg_ptr, void **msg_handle);
192 typedef int (*SCEnqueueMessageTXFunc)(SCMsgHdr *hdr, const uint8_t *msg, uint32_t length, void *msg_handle, SCMQMsgFreeFunc msgFreeFunc);
193 #endif
194 
195 
196 
197 typedef char* (*GetLogDirectory)(void);
198 
199 typedef int (*ControlSocketRegisterHandlerFunc)(uint16_t, OOBPreControlFunc, IBControlFunc,
200                                                 OOBPostControlFunc);
201 
202 typedef int (*RegisterIdleHandler)(IdleProcessingHandler);
203 #ifdef ACTIVE_RESPONSE
204 #define SND_BLK_RESP_FLAG_DO_CLIENT 1
205 #define SND_BLK_RESP_FLAG_DO_SERVER 2
206 typedef void (*DynamicSendBlockResponse)(void *packet, const uint8_t* buffer, uint32_t buffer_len, unsigned flags);
207 typedef void (*ActiveInjectDataFunc)(void *, uint32_t, const uint8_t *, uint32_t);
208 typedef void (*ActiveSendForwardResetFunc)(void *);
209 typedef void (*ActiveResponseFunc )(void *, const uint8_t *, uint32_t , uint32_t);
210 // NOTE: DynamicActive_ResponseFunc must match func ptr def Active_ResponseFunc in active.h
211 typedef void (*DynamicActive_ResponseFunc)(Packet *packet, void* data);
212 typedef int  (*ActiveQueueResponseFunc )(DynamicActive_ResponseFunc cb, void *);
213 #endif
214 typedef int (*DynamicSetFlowId)(const void* p, uint32_t id);
215 #ifdef HAVE_DAQ_EXT_MODFLOW
216 typedef int (*DynamicModifyFlow)(const DAQ_PktHdr_t *hdr, const DAQ_ModFlow_t* mod);
217 #endif
218 #ifdef HAVE_DAQ_QUERYFLOW
219 typedef int (*DynamicQueryFlow)(const DAQ_PktHdr_t *hdr, DAQ_QueryFlow_t* query);
220 #endif
221 
222 #if defined(DAQ_VERSION) && DAQ_VERSION > 8
223 typedef void (*DynamicDebugPkt)(uint8_t moduleId, uint8_t logLevel, const DAQ_Debug_Packet_Params_t *params, const char *msg, ...);
224 #endif
225 
226 #if defined(DAQ_VERSION) && DAQ_VERSION > 9
227 typedef int (*DynamicIoctl)(unsigned int type, char *buffer, size_t *len);
228 #endif
229 
230 typedef int (*DynamicIsStrEmpty)(const char * );
231 typedef void (*AddPeriodicCheck)(void (*pp_check_func) (int, void *), void *arg, uint16_t, uint32_t, uint32_t);
232 typedef void (*AddPostConfigFuncs)(struct _SnortConfig *, void (*pp_post_config_func) (struct _SnortConfig *, void *), void *arg);
233 typedef int (*AddOutPutModule)(const char *filename);
234 typedef int (*CanWhitelist)(void);
235 
236 #if defined(DAQ_CAPA_CST_TIMEOUT)
237 typedef bool (*CanGetTimeout)(void);
238 typedef void (*GetDaqCapaTimeOutFunc)(bool);
239 typedef void (*RegisterGetDaqCapaTimeoutFunc)(GetDaqCapaTimeOutFunc);
240 GetDaqCapaTimeOutFunc getDaqCapaTimeoutFnPtr;
241 #endif
242 
243 typedef uint32_t (*GetCapability)(void);
244 typedef void (*DisableAllPoliciesFunc)(struct _SnortConfig *);
245 typedef int (*ReenablePreprocBitFunc)(struct _SnortConfig *, unsigned int preproc_id);
246 typedef int (*DynamicCheckValueInRangeFunc)(const char *, char *,
247         unsigned long lo, unsigned long hi, unsigned long *value);
248 typedef bool (*DynamicReadyForProcessFunc) (void* pkt);
249 typedef int (*SslAppIdLookupFunc)(void * ssnptr, const char * serverName, const char * commonName, int32_t *serviceAppId, int32_t *clientAppId, int32_t *payloadAppId);
250 typedef void (*RegisterSslAppIdLookupFunc)(SslAppIdLookupFunc);
251 
252 typedef int32_t (*GetAppIdFunc)(void *ssnptr);
253 typedef void (*RegisterGetAppIdFunc)(GetAppIdFunc);
254 
255 typedef struct urlQueryContext* (*UrlQueryCreateFunc)(const char *url);
256 typedef void (*UrlQueryDestroyFunc)(struct urlQueryContext *context);
257 typedef int  (*UrlQueryMatchFunc)(void *ssnptr, struct urlQueryContext *context, uint16_t inUrlCat, uint16_t inUrlMinRep, uint16_t inUrlMaxRep);
258 typedef void (*RegisterUrlQueryFunc)(UrlQueryCreateFunc, UrlQueryDestroyFunc,UrlQueryMatchFunc);
259 
260 typedef int (*UserGroupIdGetFunc)(void *ssnptr, uint32_t *userId, uint32_t *realmId, unsigned *groupIdArray, unsigned groupIdArrayLen);
261 typedef void (*RegisterUserGroupIdGetFunc)(UserGroupIdGetFunc);
262 
263 typedef int (*GeoIpAddressLookupFunc)(const sfaddr_t *snortIp, uint16_t *geo);
264 typedef void (*RegisterGeoIpAddressLookupFunc)(GeoIpAddressLookupFunc);
265 
266 typedef void (*UpdateSSLSSnLogDataFunc)(void *ssnptr, uint8_t logging_on, uint8_t action_is_block, const char *ssl_cert_fingerprint,
267             uint32_t ssl_cert_fingerprint_len, uint32_t ssl_cert_status, uint8_t *ssl_policy_id,
268             uint32_t ssl_policy_id_len, uint32_t ssl_rule_id, uint16_t ssl_cipher_suite, uint8_t ssl_version,
269             uint16_t ssl_actual_action, uint16_t ssl_expected_action, uint32_t ssl_url_category,
270             uint16_t ssl_flow_status, uint32_t ssl_flow_error, uint32_t ssl_flow_messages,
271             uint64_t ssl_flow_flags, char *ssl_server_name, uint8_t *ssl_session_id, uint8_t session_id_len,
272             uint8_t *ssl_ticket_id, uint8_t ticket_id_len);
273 typedef void (*RegisterUpdateSSLSSnLogDataFunc)(UpdateSSLSSnLogDataFunc);
274 
275 typedef void (*EndSSLSSnLogDataFunc)(void *ssnptr, uint32_t ssl_flow_messages, uint64_t ssl_flow_flags) ;
276 typedef void (*RegisterEndSSLSSnLogDataFunc)(EndSSLSSnLogDataFunc);
277 
278 typedef int (*GetSSLActualActionFunc)(void *ssnptr, uint16_t *action);
279 typedef void (*RegisterGetSSLActualActionFunc)(GetSSLActualActionFunc);
280 
281 typedef void (*GetIntfDataFunc)(void *ssnptr,int32_t *ingressIntfIndex, int32_t *egressIntfIndex,
282                 int32_t *ingressZoneIndex, int32_t *egressZoneIndex) ;
283 typedef void (*RegisterGetIntfDataFunc)(GetIntfDataFunc);
284 
285 typedef void (*SetTlsHostAppIdFunc)(void *ssnptr, const char *serverName, const char *commonName,
286             const char *orgName, const char *subjectAltName, bool isSniMismatch,
287             int32_t *serviceAppId, int32_t *clientAppId, int32_t *payloadAppId);
288 typedef void (*RegisterSetTlsHostAppIdFunc)(SetTlsHostAppIdFunc);
289 
290 //
291 // SSL Callbacks
292 //
293 typedef bool (*DynamicIsSSLPolicyEnabledFunc)(struct _SnortConfig *sc);
294 typedef void (*DynamicSetSSLPolicyEnabledFunc)(struct _SnortConfig *sc, tSfPolicyId policy, bool value);
295 typedef void (*SetSSLCallbackFunc)(void *);
296 typedef void* (*GetSSLCallbackFunc)(void);
297 
298 typedef int (*_LoadLibraryFunc)(struct _SnortConfig *sc, const char * const path, int indent);
299 typedef void (*LoadAllLibsFunc)(struct _SnortConfig *sc, const char * const path, _LoadLibraryFunc loadFunc);
300 typedef void * _PluginHandle;
301 typedef _PluginHandle (*OpenDynamicLibraryFunc)(const char * const library_name, int useGlobal);
302 typedef void (*_dlsym_func)(void);
303 typedef _dlsym_func (*GetSymbolFunc)(_PluginHandle handle, char * symbol, DynamicPluginMeta * meta, int fatal);
304 typedef void (*CloseDynamicLibraryFunc)(_PluginHandle handle);
305 
306 #if defined(FEAT_OPEN_APPID)
307 typedef bool (*IsAppIdRequiredFunc)(void);
308 typedef void (*RegisterIsAppIdRequiredFunc)(IsAppIdRequiredFunc);
309 typedef void (*UnregisterIsAppIdRequiredFunc)(IsAppIdRequiredFunc);
310 struct AppIdApi;
311 #endif /* defined(FEAT_OPEN_APPID) */
312 
313 typedef bool (*ReadModeFunc)(void);
314 
315 typedef int (*GetPerfIndicatorsFunc)(void *Request);
316 
317 typedef uint32_t (*GetSnortPacketLatencyFunc)(void);
318 
319 typedef double (*GetSnortPacketDropPortionFunc)(void);
320 
321 typedef bool (*IsTestModeFunc)(void);
322 
323 typedef struct _SnortConfig* (*GetCurrentSnortConfigFunc)(void);
324 
325 typedef void (*AddPktTraceDataFunc)(int module, int traceLen);
326 
327 typedef const char* (*GetPktTraceActionMsgFunc)();
328 
329 #ifdef SNORT_RELOAD
330 typedef int (*ReloadAdjustRegisterFunc)(struct _SnortConfig* sc, const char* raName,
331                                         tSfPolicyId raPolicyId, ReloadAdjustFunc raFunc,
332                                         void *raUserData, ReloadAdjustUserFreeFunc raUserFreeFunc);
333 #endif
334 
335 typedef int (*DynamicSetPreserveFlow)(const void* p);
336 
337 // IPrep Last update count
338 typedef void (*IprepUpdateCountFunc)(uint8_t);
339 
340 typedef int (*RegisterMemoryStatsFunc)(uint preproc,
341                                        int (*MemoryStatsDisplayFunc)(FILE *fd,
342                                                                      char *buffer,
343                                                                      PreprocMemInfo *meminfo));
344 
345 typedef void* (*SnortAllocFunc)(int num, unsigned long size, uint32_t preproc, uint32_t data);
346 
347 typedef void (*SnortFreeFunc)(void * ptr, uint32_t size, uint32_t preproc, uint32_t data);
348 typedef bool (*ReputationProcessExternalIpFunc)(void *p, sfaddr_t* ip);
349 typedef void (*RegisterReputationProcessExternalFunc)(ReputationProcessExternalIpFunc);
350 typedef int (*ReputationGetEntryCountFunc)(void);
351 typedef void (*RegisterReputationGetEntryCountFunc)(ReputationGetEntryCountFunc);
352 /* FTP data transfer mode */
353 typedef bool (*ftpGetModefunc)(void *ssnptr);
354 typedef void (*RegisterFtpQueryModefunc)(ftpGetModefunc);
355 typedef void (*LogMsgThrottled)(void*, const char *, ...);
356 
357 #define ENC_DYN_FWD 0x80000000
358 #define ENC_DYN_NET 0x10000000
359 
360 /* Info Data passed to dynamic preprocessor plugin must include:
361  * version
362  * Pointer to AltDecodeBuffer
363  * Pointer to HTTP URI Buffers
364  * Pointer to functions to log Messages, Errors, Fatal Errors
365  * Pointer to function to add preprocessor to list of configure Preprocs
366  * Pointer to function to regsiter preprocessor configuration keyword
367  * Pointer to function to create preprocessor alert
368  */
369 typedef struct _DynamicPreprocessorData
370 {
371     int version;
372     int size;
373 
374     SFDataBuffer *altBuffer;
375     SFDataPointer *altDetect;
376     SFDataPointer *fileDataBuf;
377 
378     LogMsgFunc logMsg;
379     LogMsgFunc errMsg;
380     LogMsgFunc fatalMsg;
381     DebugMsgFunc debugMsg;
382     LogMsgThrottled errMsgThrottled;
383 
384     PreprocRegisterFunc registerPreproc;
385 #ifdef SNORT_RELOAD
386     GetRelatedReloadDataFunc getRelatedReloadData;
387 #endif
388     AddPreprocFunc addPreproc;
389     AddPreprocFunc addPreprocAllPolicies;
390     GetSnortInstance getSnortInstance;
391     AddPreprocExit addPreprocExit;
392     AddPreprocConfCheck addPreprocConfCheck;
393     RegisterPreprocRuleOpt preprocOptRegister;
394     AddPreprocProfileFunc addPreprocProfileFunc;
395     ProfilingFunc profilingPreprocsFunc;
396     void *totalPerfStats;
397 
398     AlertQueueAdd alertAdd;
399     GenSnortEvent genSnortEvent;
400     ThresholdCheckFunc thresholdCheck;
401 #ifdef ACTIVE_RESPONSE
402     ActiveEnableFunc activeSetEnabled;
403 #endif
404 
405     DetectFunc detect;
406     DisableDetectFunc disableDetect;
407     DisableDetectFunc disableAllDetect;
408     DisableDetectFunc disablePacketAnalysis;
409     EnableDetectFunc  enableContentDetect;
410     EnablePreprocessorFunc enablePreprocessor;
411 
412     SessionAPI *sessionAPI;
413     StreamAPI *streamAPI;
414     SearchAPI *searchAPI;
415 
416     char **config_file;
417     int *config_line;
418     printfappendfunc printfappend;
419     TokenSplitFunc tokenSplit;
420     TokenFreeFunc tokenFree;
421 
422     GetRuleInfoByNameFunc getRuleInfoByName;
423     GetRuleInfoByIdFunc getRuleInfoById;
424 #ifdef SF_WCHAR
425     DebugWideMsgFunc debugWideMsg;
426 #endif
427 
428     PreprocessFunc preprocess;
429 #ifdef DUMP_BUFFER
430     BufferDumpRegisterFunc registerBufferTracer;
431 #endif
432     char **debugMsgFile;
433     int *debugMsgLine;
434 
435     PreprocStatsRegisterFunc registerPreprocStats;
436     AddPreprocReset addPreprocReset;
437     AddPreprocResetStats addPreprocResetStats;
438     DisablePreprocessorsFunc disablePreprocessors;
439 
440     IP6BuildFunc ip6Build;
441     IP6SetCallbacksFunc ip6SetCallbacks;
442 
443     AlertQueueLog logAlerts;
444     AlertQueueControl resetAlerts;
445     AlertQueueControl pushAlerts;
446     AlertQueueControl popAlerts;
447 
448 #ifdef TARGET_BASED
449     FindProtocolReferenceFunc findProtocolReference;
450     AddProtocolReferenceFunc addProtocolReference;
451     IsAdaptiveConfiguredFunc isAdaptiveConfigured;
452     IsAdaptiveConfiguredForSnortConfigFunc isAdaptiveConfiguredForSnortConfig;
453 #endif
454 
455     AddKeywordOverrideFunc preprocOptOverrideKeyword;
456     AddKeywordByteOrderFunc preprocOptByteOrderKeyword;
457     IsPreprocEnabledFunc isPreprocEnabled;
458 
459     PortArrayFunc portObjectCharPortArray;
460 
461     GetPolicyFunc getNapRuntimePolicy;
462     GetPolicyFunc getIpsRuntimePolicy;
463     GetParserPolicyFunc getParserPolicy;
464     GetPolicyFunc getDefaultPolicy;
465     SetPolicyFunc setParserPolicy;
466     SetFileDataPtrFunc setFileDataPtr;
467     DetectResetFunc DetectReset;
468     SetAltDecodeFunc SetAltDecode;
469     GetAltDetectFunc GetAltDetect;
470     SetAltDetectFunc SetAltDetect;
471     IsDetectFlagFunc Is_DetectFlag;
472     DetectFlagDisableFunc DetectFlag_Disable;
473     DynamicStrtol SnortStrtol;
474     DynamicStrtoul SnortStrtoul;
475     DynamicStrnStr SnortStrnStr;
476     DynamicStrncpy SnortStrncpy;
477     DynamicStrnPbrk SnortStrnPbrk;
478     DynamicStrcasestr SnortStrcasestr;
479     EvalRTNFunc fpEvalRTN;
480 
481     ObfuscationApi *obApi;
482 
483     EncodeNew encodeNew;
484     EncodeDelete encodeDelete;
485     EncodeFormat encodeFormat;
486     EncodeUpdate encodeUpdate;
487 
488     NewGrinderPktPtr newGrinderPkt;
489     DeleteGrinderPktPtr deleteGrinderPkt;
490 
491     AddPreprocFunc addDetect;
492     PafEnabledFunc isPafEnabled;
493     SCPacketTimeFunc pktTime;
494     SCGetPktTimeOfDay getPktTimeOfDay;
495 #ifdef SIDE_CHANNEL
496     SCEnabledFunc isSCEnabled;
497     SCRegisterRXHandlerFunc scRegisterRXHandler;
498     SCPreallocMessageTXFunc scAllocMessageTX;
499     SCEnqueueMessageTXFunc scEnqueueMessageTX;
500 #endif
501 
502     GetLogDirectory getLogDirectory;
503 
504     ControlSocketRegisterHandlerFunc controlSocketRegisterHandler;
505     RegisterIdleHandler registerIdleHandler;
506 
507     GetPolicyFromIdFunc getPolicyFromId;
508     ChangePolicyFunc changeNapRuntimePolicy;
509     ChangePolicyFunc changeIpsRuntimePolicy;
510     InlineDropFunc inlineDropPacket;
511     InlineDropFunc inlineForceDropPacket;
512     InlineDropFunc inlineDropSessionAndReset;
513     InlineDropFunc inlineForceDropSession;
514     InlineDropFunc inlineForceDropSessionAndReset;
515     ActivePacketWasDroppedFunc active_PacketWasDropped;
516     InlineRetryFunc inlineRetryPacket;
517     DynamicIsStrEmpty SnortIsStrEmpty;
518     AddMetaEvalFunc addMetaEval;
519 #ifdef ACTIVE_RESPONSE
520     DynamicSendBlockResponse dynamicSendBlockResponse;
521 #endif
522     DynamicSetFlowId dynamicSetFlowId;
523 #ifdef HAVE_DAQ_EXT_MODFLOW
524     DynamicModifyFlow dynamicModifyFlow;
525 #endif
526 #ifdef HAVE_DAQ_QUERYFLOW
527     DynamicQueryFlow dynamicQueryFlow;
528 #endif
529 
530 #if defined(DAQ_VERSION) && DAQ_VERSION > 8
531     DynamicDebugPkt dynamicDebugPkt;
532 #endif
533 
534 #if defined(DAQ_VERSION) && DAQ_VERSION > 9
535     DynamicIoctl dynamicIoctl;
536 #endif
537 
538     AddPeriodicCheck addPeriodicCheck;
539     AddPostConfigFuncs addPostConfigFunc;
540     AddToPostConfList addFuncToPostConfigList;
541     char **snort_conf_dir;
542     AddOutPutModule addOutputModule;
543     CanWhitelist canWhitelist;
544     FileAPI *fileAPI;
545     DisableAllPoliciesFunc disableAllPolicies;
546     ReenablePreprocBitFunc reenablePreprocBit;
547     DynamicCheckValueInRangeFunc checkValueInRange;
548 
549     SetHttpBufferFunc setHttpBuffer;
550     GetHttpBufferFunc getHttpBuffer;
551 
552 #ifdef ACTIVE_RESPONSE
553     ActiveInjectDataFunc activeInjectData;
554     ActiveResponseFunc activeSendResponse;
555     ActiveSendForwardResetFunc activeSendForwardReset;
556     ActiveQueueResponseFunc activeQueueResponse;
557 #endif
558     GetSSLCallbackFunc getSSLCallback;
559     SetSSLCallbackFunc setSSLCallback;
560     SslAppIdLookupFunc         sslAppIdLookup;
561     RegisterSslAppIdLookupFunc registerSslAppIdLookup;
562 
563     GetAppIdFunc getAppId;
564     RegisterGetAppIdFunc registerGetAppId;
565 
566     UrlQueryCreateFunc urlQueryCreate;
567     UrlQueryDestroyFunc urlQueryDestroy;
568     UrlQueryMatchFunc urlQueryMatch;
569     RegisterUrlQueryFunc registerUrlQuery;
570 
571     UserGroupIdGetFunc userGroupIdGet;
572     RegisterUserGroupIdGetFunc registerUserGroupIdGet;
573 
574     GeoIpAddressLookupFunc geoIpAddressLookup;
575     RegisterGeoIpAddressLookupFunc registerGeoIpAddressLookup;
576 
577     UpdateSSLSSnLogDataFunc updateSSLSSnLogData;
578     RegisterUpdateSSLSSnLogDataFunc registerUpdateSSLSSnLogData;
579 
580     EndSSLSSnLogDataFunc endSSLSSnLogData;
581     RegisterEndSSLSSnLogDataFunc registerEndSSLSSnLogData;
582 
583     GetSSLActualActionFunc getSSLActualAction;
584     RegisterGetSSLActualActionFunc registerGetSSLActualAction;
585 
586     GetIntfDataFunc getIntfData;
587     RegisterGetIntfDataFunc registerGetIntfData;
588     DynamicReadyForProcessFunc readyForProcess;
589     DynamicIsSSLPolicyEnabledFunc isSSLPolicyEnabled;
590     DynamicSetSSLPolicyEnabledFunc setSSLPolicyEnabled;
591 
592     /* Preproc's fetch Snort performance indicators.  Used by IAB. */
593     GetPerfIndicatorsFunc getPerfIndicators;
594     GetSnortPacketLatencyFunc getPacketLatency;
595     GetSnortPacketDropPortionFunc getPacketDropPortion;
596 
597     LoadAllLibsFunc loadAllLibs;
598     OpenDynamicLibraryFunc openDynamicLibrary;
599     GetSymbolFunc getSymbol;
600     CloseDynamicLibraryFunc closeDynamicLibrary;
601 
602     DynamicGetHttpXffFieldsFunc getHttpXffFields;
603 
604 #if defined(FEAT_OPEN_APPID)
605     struct AppIdApi *appIdApi;
606     RegisterIsAppIdRequiredFunc registerIsAppIdRequired;
607     UnregisterIsAppIdRequiredFunc unregisterIsAppIdRequired;
608     IsAppIdRequiredFunc isAppIdRequired;
609 #endif /* defined(FEAT_OPEN_APPID) */
610     ReadModeFunc isReadMode;
611     IsTestModeFunc isTestMode;
612     GetCurrentSnortConfigFunc getCurrentSnortConfig;
613     bool *pkt_tracer_enabled;
614     char *trace;
615     uint32_t traceMax;
616     AddPktTraceDataFunc addPktTrace;
617     GetPktTraceActionMsgFunc getPktTraceActionMsg;
618 
619 #ifdef SNORT_RELOAD
620     ReloadAdjustRegisterFunc reloadAdjustRegister;
621 #endif
622 
623 #ifdef DAQ_MODFLOW_TYPE_PRESERVE_FLOW
624     DynamicSetPreserveFlow setPreserveFlow;
625 #endif
626     IprepUpdateCountFunc setIPRepUpdateCount;
627     RegisterMemoryStatsFunc registerMemoryStatsFunc;
628     SnortAllocFunc snortAlloc;
629     SnortFreeFunc snortFree;
630 #if defined(DAQ_CAPA_CST_TIMEOUT)
631     CanGetTimeout canGetTimeout;
632     RegisterGetDaqCapaTimeoutFunc registerGetDaqCapaTimeout;
633 #endif
634     GetCapability getCapability;
635 
636     ReputationGetEntryCountFunc reputation_get_entry_count;
637     RegisterReputationGetEntryCountFunc registerReputationGetEntryCount;
638     ReputationProcessExternalIpFunc reputation_process_external_ip;
639     RegisterReputationProcessExternalFunc registerReputationProcessExternal;
640     RegisterFtpQueryModefunc registerFtpmodeQuery;
641     ftpGetModefunc ftpGetMode;
642 
643     SetTlsHostAppIdFunc setTlsHostAppId;
644     RegisterSetTlsHostAppIdFunc registerSetTlsHostAppId;
645 } DynamicPreprocessorData;
646 
647 /* Function prototypes for Dynamic Preprocessor Plugins */
648 void CloseDynamicPreprocessorLibs(void);
649 int LoadDynamicPreprocessor(struct _SnortConfig *sc, const char * const library_name, int indent);
650 void LoadAllDynamicPreprocessors(struct _SnortConfig *sc, const char * const path);
651 typedef int (*InitPreprocessorLibFunc)(DynamicPreprocessorData *);
652 
653 int InitDynamicPreprocessors(void);
654 void RemoveDuplicatePreprocessorPlugins(void);
655 
656 /* This was necessary because of static code analysis not recognizing that
657  * fatalMsg did not return - use instead of fatalMsg
658  */
659 NORETURN void DynamicPreprocessorFatalMessage(const char *format, ...);
660 
661 extern DynamicPreprocessorData _dpd;
662 #endif /* _SF_DYNAMIC_PREPROCESSOR_H_ */
663