diff options
| -rw-r--r-- | inc/Maat_command.h | 8 | ||||
| -rw-r--r-- | src/entry/Maat_command.cpp | 14 | ||||
| -rw-r--r-- | src/entry/Maat_rule.cpp | 13 | ||||
| -rw-r--r-- | src/entry/Maat_table_runtime.cpp | 54 | ||||
| -rw-r--r-- | src/entry/rcu_hash.cpp | 28 | ||||
| -rw-r--r-- | src/entry/stream_fuzzy_hash.c | 26 | ||||
| -rw-r--r-- | src/inc_internal/Maat_table_schema.h | 4 | ||||
| -rw-r--r-- | src/inc_internal/rcu_hash.h | 23 | ||||
| -rw-r--r-- | test/test_maatframe.cpp | 91 |
9 files changed, 183 insertions, 78 deletions
diff --git a/inc/Maat_command.h b/inc/Maat_command.h index 72c728a..c59b2cc 100644 --- a/inc/Maat_command.h +++ b/inc/Maat_command.h @@ -17,6 +17,7 @@ enum MAAT_GROUP_RELATION }; enum MAAT_REGION_TYPE { + REGION_FLAG, REGION_EXPR, REGION_IP, REGION_IP_PLUS, @@ -55,6 +56,11 @@ enum MAAT_ADDR_DIRECTION ADDR_DIR_DOUBLE=0, ADDR_DIR_SINGLE=1 }; +struct Maat_rgn_flag_t +{ + uint64_t flag; + uint64_t flag_mask; +}; struct Maat_rgn_str_t { const char *keywords; @@ -122,6 +128,7 @@ struct Maat_region_t enum MAAT_REGION_TYPE region_type; union { + struct Maat_rgn_flag_t flag_rule; struct Maat_rgn_str_t expr_rule; struct Maat_rgn_ip_t ip_rule; struct Maat_rgn_intv_t interval_rule; @@ -136,6 +143,7 @@ struct Maat_cmd_region enum MAAT_REGION_TYPE region_type; union { + struct Maat_rgn_flag_t flag_rule; struct Maat_rgn_str_t expr_rule; struct Maat_rgn_ip_t ip_rule; struct Maat_rgn_ip_plus_t ip_plus_rule; diff --git a/src/entry/Maat_command.cpp b/src/entry/Maat_command.cpp index ae74f67..fa62db4 100644 --- a/src/entry/Maat_command.cpp +++ b/src/entry/Maat_command.cpp @@ -149,6 +149,9 @@ enum MAAT_TABLE_TYPE type_region2table(const struct Maat_region_t* p) enum MAAT_TABLE_TYPE ret=TABLE_TYPE_IP; switch(p->region_type) { + case REGION_FLAG: + ret=TABLE_TYPE_FLAG; + break; case REGION_IP: ret=TABLE_TYPE_IP; break; @@ -189,6 +192,9 @@ int get_valid_flag_offset(const char* line, enum MAAT_TABLE_TYPE type, int valid unsigned int column_seq=0, ret=0; switch(type) { + case TABLE_TYPE_FLAG: + column_seq=5; + break; case TABLE_TYPE_EXPR: column_seq=7; break; @@ -291,6 +297,10 @@ void serialize_region(const struct Maat_cmd_region* p, int group_id, char* buff, UNUSED size_t ret=0; switch(p->region_type) { + case REGION_FLAG: + ret=snprintf(buff, sz, "%d\t%d\t%lu\t%lu\t1", p->region_id, group_id, + p->flag_rule.flag, p->flag_rule.flag_mask); + break; case REGION_IP: ret=snprintf(buff, sz, "%d\t%d\t%d\t%s\t%s\t%hu\t%hu\t%s\t%s\t%hu\t%hu\t%d\t%d\t1", p->region_id, @@ -1858,6 +1868,8 @@ void _maat_copy_region(struct Maat_region_t* dst,const struct Maat_region_t* src } switch(dst->region_type) { + case REGION_FLAG: + break; case REGION_IP: dst->ip_rule.src_ip=_maat_strdup(src->ip_rule.src_ip); dst->ip_rule.mask_src_ip=_maat_strdup(src->ip_rule.mask_src_ip); @@ -1887,6 +1899,8 @@ void _maat_empty_region(struct Maat_region_t* p) p->table_name=NULL; switch(p->region_type) { + case REGION_FLAG: + break; case REGION_IP: free((char*)p->ip_rule.src_ip); free((char*)p->ip_rule.mask_src_ip); diff --git a/src/entry/Maat_rule.cpp b/src/entry/Maat_rule.cpp index 05735c3..99ec935 100644 --- a/src/entry/Maat_rule.cpp +++ b/src/entry/Maat_rule.cpp @@ -1338,7 +1338,7 @@ int add_flag_rule(struct Maat_table_schema* table, const char *line, struct db_f { struct Maat_region_inner* u_para=NULL; struct Maat_table_runtime * table_rt=Maat_table_runtime_get(scanner->table_rt_mgr, table->table_id); - int expr_id=0, ret=0; + int ret=0; u_para=Maat_region_inner_new(db_flag_rule->group_id, db_flag_rule->region_id, table->table_id, -1); ret=Maat_hierarchy_add_region_to_group(scanner->hier, db_flag_rule->group_id, db_flag_rule->region_id, table->table_id, u_para); @@ -1349,12 +1349,9 @@ int add_flag_rule(struct Maat_table_schema* table, const char *line, struct db_f return -1; } - expr_id=scanner->exprid_generator++; - Maat_region_inner_add_expr_id(u_para, expr_id); MESA_handle_runtime_log(logger,RLOG_LV_INFO,maat_module , - "Maat_table_runtime_flag_add expr_id:%d", expr_id); - - Maat_table_runtime_flag_add(table_rt, expr_id, db_flag_rule->flag, db_flag_rule->mask, u_para); + "add_flag_rule region_id:%d", db_flag_rule->region_id); + Maat_table_runtime_flag_add(table_rt, db_flag_rule->region_id, db_flag_rule->flag, db_flag_rule->mask, u_para); return 0; } @@ -1487,9 +1484,7 @@ int del_region_rule(struct Maat_table_schema* table, int region_id, int group_id break; case TABLE_TYPE_FLAG: table_rt=Maat_table_runtime_get(maat_scanner->table_rt_mgr, table->table_id); - MESA_handle_runtime_log(logger,RLOG_LV_INFO,maat_module , - "Maat_table_runtime_flag_del expr_id:%d", region->expr_id_cnt); - Maat_table_runtime_flag_del(table_rt, region->expr_id_cnt); + Maat_table_runtime_flag_del(table_rt, region->region_id); break; default: assert(0); diff --git a/src/entry/Maat_table_runtime.cpp b/src/entry/Maat_table_runtime.cpp index ba08fbd..3f0a995 100644 --- a/src/entry/Maat_table_runtime.cpp +++ b/src/entry/Maat_table_runtime.cpp @@ -96,11 +96,11 @@ struct Maat_table_runtime_manager struct Maat_garbage_bin* ref_bin; }; -static struct flag_rule *create_flag_rule(uint32_t id, uint64_t flag, uint64_t flag_mask, void *tag) +static struct flag_rule *create_flag_rule(uint32_t region_id, uint64_t flag, uint64_t flag_mask, void *tag) { struct flag_rule *rule = ALLOC(struct flag_rule, 1); - rule->flag_rule_id = id; + rule->flag_rule_id = region_id; rule->flag = flag; rule->mask = flag_mask; rule->user_tag = tag; @@ -462,15 +462,15 @@ void Maat_table_runtime_plugin_commit_update(struct Maat_table_runtime* table_rt return; } -void Maat_table_runtime_flag_add(struct Maat_table_runtime *table_rt, int expr_id, uint64_t flag, uint64_t mask, void *tag) +void Maat_table_runtime_flag_add(struct Maat_table_runtime *table_rt, int region_id, uint64_t flag, uint64_t mask, void *tag) { - struct flag_rule *rule = create_flag_rule(expr_id, flag, mask, tag); - rcu_hash_add(table_rt->flag.htable, (const char *)&expr_id, sizeof(int), rule); + struct flag_rule *rule = create_flag_rule(region_id, flag, mask, tag); + rcu_hash_add(table_rt->flag.htable, (const char *)®ion_id, sizeof(int), rule); } -void Maat_table_runtime_flag_del(struct Maat_table_runtime* table_rt, int expr_id) +void Maat_table_runtime_flag_del(struct Maat_table_runtime* table_rt, int region_id) { - rcu_hash_del(table_rt->flag.htable, (const char *)&expr_id, sizeof(int)); + rcu_hash_del(table_rt->flag.htable, (const char *)®ion_id, sizeof(int)); } void Maat_table_runtime_digest_add(struct Maat_table_runtime* table_rt, int expr_id, const char* digest, short confidence_degree, void* tag) @@ -914,23 +914,26 @@ int Maat_table_runtime_flag_commit_update(struct Maat_table_runtime *table_rt, v { int ret = 0; void **rule_array = NULL; + struct flag_rule *rules = NULL; struct flag_runtime *flag_rt = &(table_rt->flag); assert(table_rt->table_type==TABLE_TYPE_FLAG); - size_t rule_cnt = rcu_hash_list_updating_data(flag_rt->htable, &rule_array); - MESA_handle_runtime_log(logger, RLOG_LV_INFO, maat_module, - "new_flag_matcher commit rule_cnt:%zu", rule_cnt); - if (0 == rule_cnt) { - free(rule_array); - rule_array = NULL; + int updating_flag = rcu_hash_is_updating(flag_rt->htable); + if (0 == updating_flag) { return 0; } - struct flag_rule *rules=ALLOC(struct flag_rule, rule_cnt); - for (size_t i = 0; i < rule_cnt; i++) - { - rules[i] = *(struct flag_rule *)rule_array[i]; - } + rcu_hash_commit(flag_rt->htable); + + size_t rule_cnt = rcu_hash_list(flag_rt->htable, &rule_array); + MESA_handle_runtime_log(logger, RLOG_LV_INFO, maat_module, + "new_flag_matcher commit rule_cnt:%zu", rule_cnt); + if (rule_cnt > 0) { + rules = ALLOC(struct flag_rule, rule_cnt); + for (size_t i = 0; i < rule_cnt; i++) { + rules[i] = *(struct flag_rule *)rule_array[i]; + } + } struct flag_matcher *new_flag_matcher = NULL; struct flag_matcher *old_flag_matcher = NULL; @@ -943,18 +946,23 @@ int Maat_table_runtime_flag_commit_update(struct Maat_table_runtime *table_rt, v old_flag_matcher = flag_rt->matcher; flag_rt->matcher = new_flag_matcher; + if (old_flag_matcher != NULL) { Maat_garbage_bagging(table_rt->ref_garbage_bin, old_flag_matcher, (void (*)(void*))flag_matcher_free); } - rcu_hash_commit(flag_rt->htable); table_rt->origin_rule_num=rcu_hash_count(flag_rt->htable); - free(rules); - rules = NULL; - free(rule_array); - rule_array=NULL; + if (rules != NULL) { + free(rules); + rules = NULL; + } + + if (rule_array != NULL) { + free(rule_array); + rule_array=NULL; + } return ret; } diff --git a/src/entry/rcu_hash.cpp b/src/entry/rcu_hash.cpp index 5062787..70712de 100644 --- a/src/entry/rcu_hash.cpp +++ b/src/entry/rcu_hash.cpp @@ -198,12 +198,12 @@ void rcu_hash_add(struct rcu_hash_table *htable, const char *key, size_t key_len if (htable->effective_hash == 'a') { HASH_FIND(hh_b, htable->hashmap_b, key, key_len, tmp); if (NULL == tmp) { - HASH_ADD_KEYPTR(hh_b, htable->hashmap_b, key, key_len, node); + HASH_ADD_KEYPTR(hh_b, htable->hashmap_b, node->key, node->key_len, node); } } else { HASH_FIND(hh_a, htable->hashmap_a, key, key_len, tmp); if (NULL == tmp) { - HASH_ADD_KEYPTR(hh_a, htable->hashmap_a, key, key_len, node); + HASH_ADD_KEYPTR(hh_a, htable->hashmap_a, node->key, node->key_len, node); } } } @@ -272,6 +272,15 @@ size_t rcu_hash_count(struct rcu_hash_table *htable) } } +int rcu_hash_is_updating(struct rcu_hash_table *htable) +{ + if (NULL == htable) { + return 0; + } + + return htable->is_updating; +} + void rcu_hash_commit(struct rcu_hash_table *htable) { if (NULL == htable) { @@ -313,32 +322,27 @@ void rcu_hash_commit(struct rcu_hash_table *htable) pthread_mutex_unlock(&htable->update_mutex); } -size_t rcu_hash_list_updating_data(struct rcu_hash_table *htable, void ***data_array) +size_t rcu_hash_list(struct rcu_hash_table *htable, void ***data_array) { size_t i = 0; size_t node_cnt = 0; struct rcu_hash_node *node = NULL, *tmp = NULL; if (htable->effective_hash == 'a') { - node_cnt = HASH_CNT(hh_b, htable->hashmap_b); + node_cnt = HASH_CNT(hh_a, htable->hashmap_a); *data_array = ALLOC(void *, node_cnt); - HASH_ITER(hh_b, htable->hashmap_b, node, tmp) { + HASH_ITER(hh_a, htable->hashmap_a, node, tmp) { (*data_array)[i] = node->data; i++; } } else { - node_cnt = HASH_CNT(hh_a, htable->hashmap_a); + node_cnt = HASH_CNT(hh_b, htable->hashmap_b); *data_array = ALLOC(void *, node_cnt); - HASH_ITER(hh_a, htable->hashmap_a, node, tmp) { + HASH_ITER(hh_b, htable->hashmap_b, node, tmp) { (*data_array)[i] = node->data; i++; } } return node_cnt; -} - -int rcu_hash_updating_flag(struct rcu_hash_table *htable) -{ - return htable->is_updating; }
\ No newline at end of file diff --git a/src/entry/stream_fuzzy_hash.c b/src/entry/stream_fuzzy_hash.c index 5adf5b9..fb59086 100644 --- a/src/entry/stream_fuzzy_hash.c +++ b/src/entry/stream_fuzzy_hash.c @@ -24,7 +24,7 @@ void sfh_rs_entropy(IVI_seg_t * seg, void * user_para); void sfh_output_state_t(IVI_seg_t * seg, void * user_para); int write_uint_array(unsigned int ** array, unsigned int *index,unsigned int *size,unsigned int value); /** - * roll_state��ʼ�� + * roll_state��ʼ�� */ static inline void roll_init(struct roll_state_t * self) { @@ -32,7 +32,7 @@ static inline void roll_init(struct roll_state_t * self) } /** - * ����roll_hashֵ�����ⲿ���ݶ�ȡ�������� + * ����roll_hashֵ�����ⲿ���ݶ�ȡ�������� */ static inline void roll_hash(struct roll_state_t * self, unsigned char c) { @@ -53,7 +53,7 @@ static inline void roll_hash(struct roll_state_t * self, unsigned char c) } /** - * ���㴰�������roll_hashֵ��ÿ��roll_hashֵ����һ����������Ƭ + * ���㴰�������roll_hashֵ��ÿ��roll_hashֵ����һ����������Ƭ */ static inline unsigned int roll_sum(const struct roll_state_t * self) { @@ -61,7 +61,7 @@ static inline unsigned int roll_sum(const struct roll_state_t * self) } /** - * �����Ƭ��FNVֵ + * �����Ƭ��FNVֵ */ static inline unsigned int sum_hash(unsigned char c, unsigned int h) { @@ -69,7 +69,7 @@ static inline unsigned int sum_hash(unsigned char c, unsigned int h) } /** - * ����handle + * ����handle */ sfh_instance_t * SFH_instance(unsigned long long origin_len) { @@ -98,7 +98,7 @@ sfh_instance_t * SFH_instance(unsigned long long origin_len) /** - * IVI_destroy�Ļص�����������IVI�е����� + * IVI_destroy�Ļص�����������IVI�е����� */ void fuzzy_node_free(IVI_seg_t * seg, void * usr_para) { @@ -293,7 +293,7 @@ int destroy_sfh_seg(sfh_seg_t*p) return ret_size; } /** - * �ж������Ƿ����Ѿ�������������и��� + * �ж������Ƿ����Ѿ�������������и��� */ unsigned int segment_overlap(fuzzy_handle_inner_t * _handle, unsigned int size, unsigned long long offset, const char * data) { @@ -307,7 +307,7 @@ unsigned int segment_overlap(fuzzy_handle_inner_t * _handle, unsigned int size, //printf("size: %u\n",size); //printf("before query\n"); - /*��ѯ�Ƿ��и��ǣ�����и��ǣ����ظ��ǵ�segment��Ƭ�������û�и��ǣ�����0*/ + /*��ѯ�Ƿ��и��ǣ�����и��ǣ����ظ��ǵ�segment��Ƭ�������û�и��ǣ�����0*/ if(offset>0) { overlap_segnum = IVI_query(_handle->ivi, offset-1, offset + size, &overlap_segs); @@ -583,7 +583,7 @@ int sfh_merge_seg(fuzzy_handle_inner_t * _handle, sfh_seg_t * p, sfh_seg_t * n,u } /** - * ȡ���������������hash_resultֵ��������ƴ�ӣ��γ�����result�������������abc[1:100]def[200:300]���ָ�ʽ + * ȡ���������������hash_resultֵ��������ƴ�ӣ��γ�����result�������������abc[1:100]def[200:300]���ָ�ʽ */ int SFH_digest(sfh_instance_t * handle, char * hash_buffer, unsigned int size) { @@ -687,7 +687,7 @@ void sfh_output_callback(IVI_seg_t * seg, void * user_para) } /** - * ����fuzzy_hash�ĸ��ֳ��� + * ����fuzzy_hash�ĸ��ֳ��� */ unsigned long long SFH_status(sfh_instance_t * handle, int type) { @@ -697,13 +697,13 @@ unsigned long long SFH_status(sfh_instance_t * handle, int type) char buffer[64]; switch(type) { - case TOTAL_LENGTH: //�Ѿ������hashֵ��ȫ������ + case TOTAL_LENGTH: //�Ѿ������hashֵ��ȫ������ length = IVI_seg_length(_handle->ivi); break; - case EFFECTIVE_LENGTH: //�����ڼ���hashֵ�������Ч���� + case EFFECTIVE_LENGTH: //�����ڼ���hashֵ�������Ч���� length = _handle->effective_length; break; - case HASH_LENGTH: //��������ϣ����ij��� + case HASH_LENGTH: //��������ϣ����ij��� tmp_length.hash_length = 0; tmp_length.first_ZTH_offset = 0; tmp_length.last_ZTH_offset = 0; diff --git a/src/inc_internal/Maat_table_schema.h b/src/inc_internal/Maat_table_schema.h index 18b822e..bc5ff68 100644 --- a/src/inc_internal/Maat_table_schema.h +++ b/src/inc_internal/Maat_table_schema.h @@ -45,7 +45,8 @@ enum MAAT_TABLE_COMPONENT_TYPE enum MAAT_TABLE_TYPE { TABLE_TYPE_INVALID=-1, - TABLE_TYPE_EXPR=0, + TABLE_TYPE_FLAG=0, + TABLE_TYPE_EXPR, TABLE_TYPE_IP, TABLE_TYPE_IP_PLUS, TABLE_TYPE_INTERVAL, @@ -53,7 +54,6 @@ enum MAAT_TABLE_TYPE TABLE_TYPE_EXPR_PLUS, TABLE_TYPE_SIMILARITY, TABLE_TYPE_INTERVAL_PLUS, - TABLE_TYPE_FLAG, //Above are physical table for scan TABLE_TYPE_VIRTUAL, TABLE_TYPE_COMPOSITION, diff --git a/src/inc_internal/rcu_hash.h b/src/inc_internal/rcu_hash.h index b5186bb..24bba19 100644 --- a/src/inc_internal/rcu_hash.h +++ b/src/inc_internal/rcu_hash.h @@ -50,24 +50,29 @@ void rcu_hash_del(struct rcu_hash_table *htable, const char *key, size_t key_len */ void *rcu_hash_find(struct rcu_hash_table *htable, const char *key, size_t key_len); +/** + * @brief list all effective nodes + * + * @retval the number of effective nodes +*/ +size_t rcu_hash_list(struct rcu_hash_table *htable, void ***data_array); + size_t rcu_hash_count(struct rcu_hash_table *htable); /** + * @brief if rcu hash is updating + * + * @retval True(1) False(0) +*/ +int rcu_hash_is_updating(struct rcu_hash_table *htable); + +/** * @brief make add/del effective */ void rcu_hash_commit(struct rcu_hash_table *htable); size_t rcu_hash_garbage_queue_len(struct rcu_hash_table *htable); -size_t rcu_hash_list_updating_data(struct rcu_hash_table *htable, void ***data_array); - -/** - * @brief check if rcu hash table is updating - * - * @retval 1 means htable is updating, otherwise 0 -*/ -int rcu_hash_updating_flag(struct rcu_hash_table *htable); - #ifdef __cpluscplus } #endif diff --git a/test/test_maatframe.cpp b/test/test_maatframe.cpp index 27a631a..9ae633a 100644 --- a/test/test_maatframe.cpp +++ b/test/test_maatframe.cpp @@ -213,7 +213,6 @@ TEST(FlagScan, hitMultiCompile) int ret=0; int flag_table_id=0; struct Maat_rule_t result[4]; - int found_pos[4]; const char* flag_table_name="FLAG_CONFIG"; scan_status_t mid=NULL; @@ -2802,6 +2801,83 @@ int del_command(Maat_feather_t feather, int config_id) ret=Maat_command_raw_set_compile(feather, MAAT_OP_DEL, &compile, "COMPILE", NULL, 1, 0, 0); return ret; } + +TEST_F(MaatCmdTest, SetFlag) +{ + struct Maat_rule_t compile; + int config_id=0; + const char* region_table_name="FLAG_CONFIG"; + int ret=0; + memset(&compile, 0, sizeof(compile)); + Maat_feather_t feather=MaatCmdTest::_shared_feather; + + //MUST acquire by Maat_cmd_incrby to guarantee a unique compile ID. + //compile table add line + config_id=(int)Maat_cmd_incrby(feather, "TEST_SEQ", 1); + compile.config_id=config_id; + Maat_command_raw_set_compile(feather, MAAT_OP_ADD, &compile, "COMPILE", NULL, 1, 0, 0); + + //group2compile table add line + struct Maat_cmd_group2compile g2c; + memset(&g2c, 0, sizeof(g2c)); + g2c.group_id=Maat_command_get_new_group_id(feather); + g2c.compile_id=compile.config_id; + g2c.clause_index=1; + g2c.table_name="GROUP2COMPILE"; + Maat_command_raw_set_group2compile(feather, MAAT_OP_ADD, &g2c); + + //flag region table add line + struct Maat_cmd_region region1; + memset(®ion1, 0, sizeof(region1)); + region1.region_id=Maat_command_get_new_region_id(feather); + region1.region_type=REGION_FLAG; + region1.table_name=region_table_name; + region1.flag_rule.flag=7; + region1.flag_rule.flag_mask=7; + Maat_command_raw_set_region(feather, MAAT_OP_ADD, ®ion1, g2c.group_id); + + usleep(WAIT_FOR_EFFECTIVE_US * 2); + + struct Maat_rule_t result[4]; + scan_status_t mid=NULL; + int table_id=Maat_table_register(feather, region_table_name); + ASSERT_GT(table_id, 0); + memset(result, 0, sizeof(result)); + + /* 15 -> 0000 1111 should hit rule: flag-> 0000 0111 flag_mask-> 0000 0111 */ + uint64_t scan_data = 15; + ret=Maat_scan_flag(feather, table_id, scan_data, result, 4, &mid, 0); + EXPECT_EQ(ret, 1); + EXPECT_EQ(result[0].config_id, config_id); + + /* 11 -> 0000 1011 should not hit rule */ + scan_data = 11; + ret=Maat_scan_flag(feather, table_id, scan_data, result, 4, &mid, 0); + EXPECT_EQ(ret, 0); + Maat_clean_status(&mid); + mid = NULL; + + //flag region table del line + Maat_command_raw_set_region(feather, MAAT_OP_DEL, ®ion1, g2c.group_id); + usleep(WAIT_FOR_EFFECTIVE_US * 2); + + memset(result, 0, sizeof(result)); + scan_data = 15; + ret=Maat_scan_flag(feather, table_id, scan_data, result, 4, &mid, 0); + EXPECT_EQ(ret, -1); + + //flag region table add line + Maat_command_raw_set_region(feather, MAAT_OP_ADD, ®ion1, g2c.group_id); + usleep(WAIT_FOR_EFFECTIVE_US * 2); + + memset(result, 0, sizeof(result)); + scan_data = 15; + ret=Maat_scan_flag(feather, table_id, scan_data, result, 4, &mid, 0); + EXPECT_EQ(ret, 1); + EXPECT_EQ(result[0].config_id, config_id); + Maat_clean_status(&mid); +} + TEST_F(MaatCmdTest, SetIP) { struct Maat_rule_t compile; @@ -2830,10 +2906,6 @@ TEST_F(MaatCmdTest, SetIP) g2c.table_name="GROUP2COMPILE"; Maat_command_batch_set_group2compile(batch, MAAT_OP_ADD, &g2c); - - - - struct Maat_cmd_region region; memset(®ion, 0, sizeof(region)); region.region_type=REGION_IP; @@ -2891,9 +2963,6 @@ TEST_F(MaatCmdTest, SetIP) EXPECT_EQ(ret, 1); Maat_clean_status(&mid); - - return; - } TEST_F(MaatCmdTest, SetExpr) @@ -3014,7 +3083,7 @@ TEST_F(MaatCmdTest, SetExpr8) region1.expr_rule.expr_type=EXPR_TYPE_AND; Maat_command_raw_set_region(feather, MAAT_OP_ADD, ®ion1, group1.group_id); - usleep(WAIT_FOR_EFFECTIVE_US);//waiting for commands go into effect + usleep(WAIT_FOR_EFFECTIVE_US * 2);//waiting for commands go into effect struct Maat_rule_t result; scan_status_t mid=NULL; @@ -3035,7 +3104,7 @@ TEST_F(MaatCmdTest, SetExpr8) region1.expr_rule.keywords=keywords7; Maat_command_raw_set_region(feather, MAAT_OP_ADD, ®ion1, group1.group_id); - usleep(WAIT_FOR_EFFECTIVE_US);//waiting for commands go into effect + usleep(WAIT_FOR_EFFECTIVE_US * 2);//waiting for commands go into effect memset(&result, 0, sizeof(result)); mid=NULL; @@ -3863,6 +3932,7 @@ TEST_F(MaatCmdTest, PluginEXData) return; } + TEST_F(MaatCmdTest, UpdateIPPlugin) { #define IP_Plugin_EX_data @@ -4007,6 +4077,7 @@ TEST_F(MaatCmdTest, UpdateFQDNPlugin) return; } + TEST_F(MaatCmdTest, UpdateBoolPlugin) { #define Bool_Plugin_EX_data |