Re: [PATCH 1/5] ids-functions.pl: Drop downloader code for sourcefire based ruleset.

Yes, agreed. We should not send any HEAD requests at all. GET will be able to tell us the same.

Not sure if this is a relic from before when we had HTTP/1.1. Wow.

On 23 Mar 2022, at 04:04, Stefan Schantl stefan.schantl@ipfire.org wrote:

Even if the servers do not support HEAD requests, the remote filesize (content_length) can be obtained from the connection headers.

This generic method works for all servers and therefore we do not need the code for handle sourcefire servers in a different way anymore.

Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org

config/cfgroot/ids-functions.pl | 43 +++++---------------------------- 1 file changed, 6 insertions(+), 37 deletions(-)

diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl index 94dccc8ae..eb276030b 100644 --- a/config/cfgroot/ids-functions.pl +++ b/config/cfgroot/ids-functions.pl @@ -354,43 +354,6 @@ sub downloadruleset ($) { return 1; }

• # Variable to store the filesize of the remote object.
  

• my $remote_filesize;
  

• # The sourcfire (snort rules) does not allow to send "HEAD" requests, so skip this check
  

• # for this webserver.
  

• #
  

• # Check if the ruleset source contains "snort.org".
  

• unless ($url =~ /\.snort\.org/) {
  

• 	# Pass the requrested url to the downloader.
  

• 	my $request = HTTP::Request->new(HEAD => $url);
  

• 	# Accept the html header.
  

• 	$request->header('Accept' => 'text/html');
  

• 	# Perform the request and fetch the html header.
  

• 	my $response = $downloader->request($request);
  

• 	# Check if there was any error.
  

• 	unless ($response->is_success) {
  

• 		# Obtain error.
  

• 		my $error = $response->status_line();
  

• 		# Log error message.
  

• 		&_log_to_syslog("Unable to download the ruleset. \($error\)");
  

• 		# Return "1" - false.
  

• 		return 1;
  

• 	}
  

• 	# Assign the fetched header object.
  

• 	my $header = $response->headers();
  

• 	# Grab the remote file size from the object and store it in the
  

• 	# variable.
  

• 	$remote_filesize = $header->content_length;
  

• }
  

• # Load perl module to deal with temporary files. use File::Temp;

@@ -416,6 +379,12 @@ sub downloadruleset ($) { return 1; }

• # Obtain the connection headers.
  

• my $headers = $response->headers;
  

• # Get the remote size of the downloaded file.
  

• my $remote_filesize = $headers->content_length;
  

• # Load perl stat module. use File::stat;

-- 2.30.2