From 85fd1c9fa7dad716a265a811f68c667414704785 Mon Sep 17 00:00:00 2001 From: James Swaro Date: Sun, 26 Jul 2015 12:46:45 -0500 Subject: [PATCH] Add hook 'HookAddToAnalyzerTree' to support TCPRS plugin This commit introduces a new hook, HookAddToAnalyzerTree, which allows plugins to add a new analyzer to the analyzer tree during analyzer tree creation. This hook is necessary to support the TCPRS plugin. Additionally, the order in which the scripts were loaded has been changed to address a problem with undefined variable errors due to load order issues. Signed-off-by: James Swaro --- src/analyzer/Manager.cc | 2 ++ src/plugin/Manager.cc | 34 +++++++++++++++++++++++++++++++--- src/plugin/Manager.h | 2 ++ src/plugin/Plugin.cc | 5 +++++ src/plugin/Plugin.h | 3 +++ 5 files changed, 43 insertions(+), 3 deletions(-) diff --git a/src/analyzer/Manager.cc b/src/analyzer/Manager.cc index bc8fceaf39..11ea418269 100644 --- a/src/analyzer/Manager.cc +++ b/src/analyzer/Manager.cc @@ -505,6 +505,8 @@ bool Manager::BuildInitialAnalyzerTree(Connection* conn) if ( ! analyzed ) conn->SetLifetime(non_analyzed_lifetime); + PLUGIN_HOOK_VOID(HOOK_ADD_TO_ANALYZER_TREE, HookAddToAnalyzerTree(conn)); + return true; } diff --git a/src/plugin/Manager.cc b/src/plugin/Manager.cc index 8e58c1296b..91a523aca3 100644 --- a/src/plugin/Manager.cc +++ b/src/plugin/Manager.cc @@ -183,8 +183,9 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_ } // Load {bif,scripts}/__load__.bro automatically. - - string init = dir + "lib/bif/__load__.bro"; + // Load scripts/__load__.bro first to avoid issue with undefined variables + // from the plugin + string init = dir + "scripts/__load__.bro"; if ( is_file(init) ) { @@ -192,7 +193,7 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_ scripts_to_load.push_back(init); } - init = dir + "scripts/__load__.bro"; + init = dir + "lib/bif/__load__.bro"; if ( is_file(init) ) { @@ -660,6 +661,33 @@ void Manager::HookDrainEvents() const } +void Manager::HookAddToAnalyzerTree(Connection *conn) const + { + HookArgumentList args; + + if ( HavePluginForHook(META_HOOK_PRE) ) + { + args.push_back(conn); + MetaHookPre(HOOK_ADD_TO_ANALYZER_TREE, args); + } + + hook_list *l = hooks[HOOK_ADD_TO_ANALYZER_TREE]; + + if ( l ) + { + for (hook_list::iterator i = l->begin() ; i != l->end(); ++i) + { + Plugin *p = (*i).second; + p->HookAddToAnalyzerTree(conn); + } + } + + if ( HavePluginForHook(META_HOOK_POST) ) + { + MetaHookPost(HOOK_ADD_TO_ANALYZER_TREE, args, HookArgument()); + } + } + void Manager::HookUpdateNetworkTime(double network_time) const { HookArgumentList args; diff --git a/src/plugin/Manager.h b/src/plugin/Manager.h index db812b6a8c..28add51e3b 100644 --- a/src/plugin/Manager.h +++ b/src/plugin/Manager.h @@ -264,6 +264,8 @@ public: */ void HookUpdateNetworkTime(double network_time) const; + void HookAddToAnalyzerTree(Connection *conn) const; + /** * Hook that informs plugins that the event queue is being drained. */ diff --git a/src/plugin/Plugin.cc b/src/plugin/Plugin.cc index f05378eb84..3c0d96e29e 100644 --- a/src/plugin/Plugin.cc +++ b/src/plugin/Plugin.cc @@ -23,6 +23,7 @@ const char* plugin::hook_name(HookType h) "DrainEvents", "UpdateNetworkTime", "BroObjDtor", + "AddToAnalyzerTree", // MetaHooks "MetaHookPre", "MetaHookPost", @@ -310,6 +311,10 @@ void Plugin::HookUpdateNetworkTime(double network_time) { } +void Plugin::HookAddToAnalyzerTree(Connection *conn) + { + } + void Plugin::HookBroObjDtor(void* obj) { } diff --git a/src/plugin/Plugin.h b/src/plugin/Plugin.h index 3562891e84..ebd62ef1aa 100644 --- a/src/plugin/Plugin.h +++ b/src/plugin/Plugin.h @@ -39,6 +39,7 @@ enum HookType { HOOK_DRAIN_EVENTS, //< Activates Plugin::HookDrainEvents() HOOK_UPDATE_NETWORK_TIME, //< Activates Plugin::HookUpdateNetworkTime. HOOK_BRO_OBJ_DTOR, //< Activates Plugin::HookBroObjDtor. + HOOK_ADD_TO_ANALYZER_TREE, // Activates Plugin::HookAddToAnalyzerTree // Meta hooks. META_HOOK_PRE, //< Activates Plugin::MetaHookPre(). @@ -636,6 +637,8 @@ protected: */ virtual void HookUpdateNetworkTime(double network_time); + virtual void HookAddToAnalyzerTree(Connection *conn); + /** * Hook for destruction of objects registered with * RequestBroObjDtor(). When Bro's reference counting triggers the