[1/5] ids-functions.pl: Drop downloader code for sourcefire based ruleset.
Commit Message
Even if the servers do not support HEAD requests, the remote filesize
(content_length) can be obtained from the connection headers.
This generic method works for all servers and therefore we do not need
the code for handle sourcefire servers in a different way anymore.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
config/cfgroot/ids-functions.pl | 43 +++++----------------------------
1 file changed, 6 insertions(+), 37 deletions(-)
Comments
Yes, agreed. We should not send any HEAD requests at all. GET will be able to tell us the same.
Not sure if this is a relic from before when we had HTTP/1.1. Wow.
> On 23 Mar 2022, at 04:04, Stefan Schantl <stefan.schantl@ipfire.org> wrote:
>
> Even if the servers do not support HEAD requests, the remote filesize
> (content_length) can be obtained from the connection headers.
>
> This generic method works for all servers and therefore we do not need
> the code for handle sourcefire servers in a different way anymore.
>
> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
> ---
> config/cfgroot/ids-functions.pl | 43 +++++----------------------------
> 1 file changed, 6 insertions(+), 37 deletions(-)
>
> diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
> index 94dccc8ae..eb276030b 100644
> --- a/config/cfgroot/ids-functions.pl
> +++ b/config/cfgroot/ids-functions.pl
> @@ -354,43 +354,6 @@ sub downloadruleset ($) {
> return 1;
> }
>
> - # Variable to store the filesize of the remote object.
> - my $remote_filesize;
> -
> - # The sourcfire (snort rules) does not allow to send "HEAD" requests, so skip this check
> - # for this webserver.
> - #
> - # Check if the ruleset source contains "snort.org".
> - unless ($url =~ /\.snort\.org/) {
> - # Pass the requrested url to the downloader.
> - my $request = HTTP::Request->new(HEAD => $url);
> -
> - # Accept the html header.
> - $request->header('Accept' => 'text/html');
> -
> - # Perform the request and fetch the html header.
> - my $response = $downloader->request($request);
> -
> - # Check if there was any error.
> - unless ($response->is_success) {
> - # Obtain error.
> - my $error = $response->status_line();
> -
> - # Log error message.
> - &_log_to_syslog("Unable to download the ruleset. \($error\)");
> -
> - # Return "1" - false.
> - return 1;
> - }
> -
> - # Assign the fetched header object.
> - my $header = $response->headers();
> -
> - # Grab the remote file size from the object and store it in the
> - # variable.
> - $remote_filesize = $header->content_length;
> - }
> -
> # Load perl module to deal with temporary files.
> use File::Temp;
>
> @@ -416,6 +379,12 @@ sub downloadruleset ($) {
> return 1;
> }
>
> + # Obtain the connection headers.
> + my $headers = $response->headers;
> +
> + # Get the remote size of the downloaded file.
> + my $remote_filesize = $headers->content_length;
> +
> # Load perl stat module.
> use File::stat;
>
> --
> 2.30.2
>
@@ -354,43 +354,6 @@ sub downloadruleset ($) {
return 1;
}
- # Variable to store the filesize of the remote object.
- my $remote_filesize;
-
- # The sourcfire (snort rules) does not allow to send "HEAD" requests, so skip this check
- # for this webserver.
- #
- # Check if the ruleset source contains "snort.org".
- unless ($url =~ /\.snort\.org/) {
- # Pass the requrested url to the downloader.
- my $request = HTTP::Request->new(HEAD => $url);
-
- # Accept the html header.
- $request->header('Accept' => 'text/html');
-
- # Perform the request and fetch the html header.
- my $response = $downloader->request($request);
-
- # Check if there was any error.
- unless ($response->is_success) {
- # Obtain error.
- my $error = $response->status_line();
-
- # Log error message.
- &_log_to_syslog("Unable to download the ruleset. \($error\)");
-
- # Return "1" - false.
- return 1;
- }
-
- # Assign the fetched header object.
- my $header = $response->headers();
-
- # Grab the remote file size from the object and store it in the
- # variable.
- $remote_filesize = $header->content_length;
- }
-
# Load perl module to deal with temporary files.
use File::Temp;
@@ -416,6 +379,12 @@ sub downloadruleset ($) {
return 1;
}
+ # Obtain the connection headers.
+ my $headers = $response->headers;
+
+ # Get the remote size of the downloaded file.
+ my $remote_filesize = $headers->content_length;
+
# Load perl stat module.
use File::stat;