From c389696337b68378965716fb75b9f15cf4fdc17b Mon Sep 17 00:00:00 2001
From: bmeeks8 <bmeeks8@bellsouth.net>
Date: Tue, 9 Sep 2014 14:12:10 -0400
Subject: Fix duplicate UUID when cloning a Snort interface.

---
 config/snort/snort_interfaces_edit.php |  9 ++++++---
 config/snort/snort_post_install.php    | 36 ++++++++++++++++++++++++++++++++++
 2 files changed, 42 insertions(+), 3 deletions(-)

(limited to 'config')

diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php
index fb573a73..b272d895 100755
--- a/config/snort/snort_interfaces_edit.php
+++ b/config/snort/snort_interfaces_edit.php
@@ -206,7 +206,7 @@ if ($_POST["save"] && !$input_errors) {
 		if ($_POST['externallistname']) $natent['externallistname'] =  $_POST['externallistname']; else unset($natent['externallistname']);
 		if ($_POST['suppresslistname']) $natent['suppresslistname'] =  $_POST['suppresslistname']; else unset($natent['suppresslistname']);
 		if ($_POST['alertsystemlog'] == "on") { $natent['alertsystemlog'] = 'on'; }else{ $natent['alertsystemlog'] = 'off'; }
-		if ($_POST['configpassthru']) $natent['configpassthru'] = base64_encode($_POST['configpassthru']); else unset($natent['configpassthru']);
+		if ($_POST['configpassthru']) $natent['configpassthru'] = base64_encode(str_replace("\r\n", "\n", $_POST['configpassthru'])); else unset($natent['configpassthru']);
 		if ($_POST['cksumcheck']) $natent['cksumcheck'] = 'on'; else $natent['cksumcheck'] = 'off';
 		if ($_POST['fpm_split_any_any'] == "on") { $natent['fpm_split_any_any'] = 'on'; }else{ $natent['fpm_split_any_any'] = 'off'; }
 		if ($_POST['fpm_search_optimize'] == "on") { $natent['fpm_search_optimize'] = 'on'; }else{ $natent['fpm_search_optimize'] = 'off'; }
@@ -223,9 +223,9 @@ if ($_POST["save"] && !$input_errors) {
 				}
 				else
 					$snort_start = false;
-				exec("mv -f {$snortlogdir}/snort_{$oif_real}{$a_rule[$id]['uuid']} {$snortlogdir}/snort_{$if_real}{$a_rule[$id]['uuid']}");
+				@rename("{$snortlogdir}/snort_{$oif_real}{$a_rule[$id]['uuid']}", "{$snortlogdir}/snort_{$if_real}{$a_rule[$id]['uuid']}");
 				conf_mount_rw();
-				exec("mv -f {$snortdir}/snort_{$a_rule[$id]['uuid']}_{$oif_real} {$snortdir}/snort_{$a_rule[$id]['uuid']}_{$if_real}");
+				@rename("{$snortdir}/snort_{$a_rule[$id]['uuid']}_{$oif_real}", "{$snortdir}/snort_{$a_rule[$id]['uuid']}_{$if_real}");
 				conf_mount_ro();
 			}
 			$a_rule[$id] = $natent;
@@ -234,6 +234,9 @@ if ($_POST["save"] && !$input_errors) {
 			// Duplicating a new interface, so set flag to build new rules
 			$rebuild_rules = true;
 
+			// Duplicating an interface, so need to generate a new UUID for the cloned interface
+			$natent['uuid'] = snort_generate_id();
+
 			// Add the new duplicated interface configuration to the [rule] array in config
 			$a_rule[] = $natent;
 		}
diff --git a/config/snort/snort_post_install.php b/config/snort/snort_post_install.php
index c1be72cc..0650d187 100644
--- a/config/snort/snort_post_install.php
+++ b/config/snort/snort_post_install.php
@@ -45,6 +45,7 @@ require_once("/usr/local/pkg/snort/snort.inc");
 global $config, $g, $rebuild_rules, $pkg_interface, $snort_gui_include;
 
 $snortdir = SNORTDIR;
+$snortlogdir = SNORTLOGDIR;
 $snortlibdir = SNORTLIBDIR;
 $rcdir = RCFILEPREFIX;
 
@@ -114,6 +115,41 @@ $snort_widget_container = "snort_alerts-container:col2:close";
 if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
 	log_error(gettext("[Snort] Saved settings detected... rebuilding installation with saved settings..."));
 	update_status(gettext("Saved settings detected..."));
+
+	/****************************************************************/
+	/* Do test and fix for duplicate UUIDs if this install was      */
+	/* impacted by the DUP (clone) bug that generated a duplicate   */
+	/* UUID for the cloned interface.                               */
+	/****************************************************************/
+	if (count($config['installedpackages']['snortglobal']['rule']) > 0) {
+		$uuids = array();
+		$snortconf = &$config['installedpackages']['snortglobal']['rule'];
+		foreach ($snortconf as &$snortcfg) {
+			// Check for and fix a duplicate UUID
+			$if_real = get_real_interface($snortcfg['interface']);
+			if (!isset($uuids[$snortcfg['uuid']])) {
+				$uuids[$snortcfg['uuid']] = $if_real;
+				continue;
+			}
+			else {
+				// Found a duplicate UUID, so generate a
+				// new one for the affected interface.
+				$old_uuid = $snortcfg['uuid'];
+				$new_uuid = snort_generate_id();
+				if (file_exists("{$snortlogdir}snort_{$if_real}{$old_uuid}/"))
+					@rename("{$snortlogdir}snort_{$if_real}{$old_uuid}/", "{$snortlogdir}snort_{$if_real}{$new_uuid}/");
+				$snortcfg['uuid'] = $new_uuid;
+				$uuids[$new_uuid] = $if_real;
+				log_error(gettext("[Snort] updated UUID for interface " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . " from {$old_uuid} to {$new_uuid}."));
+			}
+		}
+		write_config("Snort pkg: updated interface UUIDs to eliminate duplicates.");
+		unset($uuids, $rulesets);
+	}
+	/****************************************************************/
+	/* End of duplicate UUID bug fix.                               */
+	/****************************************************************/
+
 	/* Do one-time settings migration for new multi-engine configurations */
 	update_output_window(gettext("Please wait... migrating settings to new configuration..."));
 	include('/usr/local/pkg/snort/snort_migrate_config.php');
-- 
cgit v1.2.3