@@ -431,7 +431,9 @@ libclamav_la_SOURCES = \

 	json.c \

 	json.h \

 	hostid.c \

-	hostid.h

+	hostid.h \

+	openioc.c \

+	openioc.h

 libclamav_la_SOURCES += bignum.h\

 	bignum_fast.h\

@@ -1,4 +1,4 @@

-# Makefile.in generated by automake 1.11.6 from Makefile.am.

+# Makefile.in generated by automake 1.11.3 from Makefile.am.

 # @configure_input@

 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,

@@ -36,23 +36,6 @@

 VPATH = @srcdir@

-am__make_dryrun = \

-  { \

-    am__dry=no; \

-    case $$MAKEFLAGS in \

-      *\\[\ \	]*) \

-        echo 'am--echo: ; @echo "AM"  OK' | $(MAKE) -f - 2>/dev/null \

-          | grep '^AM OK$$' >/dev/null || am__dry=yes;; \

-      *) \

-        for am__flg in $$MAKEFLAGS; do \

-          case $$am__flg in \

-            *=*|--*) ;; \

-            *n*) am__dry=yes; break;; \

-          esac; \

-        done;; \

-    esac; \

-    test $$am__dry = yes; \

-  }

 pkgdatadir = $(datadir)/@PACKAGE@

 pkgincludedir = $(includedir)/@PACKAGE@

 pkglibdir = $(libdir)/@PACKAGE@

@@ -251,13 +234,14 @@ am_libclamav_la_OBJECTS = libclamav_la-matcher-ac.lo \

 	libclamav_la-rijndael.lo libclamav_la-crtmgr.lo \

 	libclamav_la-asn1.lo libclamav_la-fpu.lo libclamav_la-stats.lo \

 	libclamav_la-www.lo libclamav_la-json.lo \

-	libclamav_la-hostid.lo libclamav_la-fp_add.lo \

-	libclamav_la-fp_add_d.lo libclamav_la-fp_addmod.lo \

-	libclamav_la-fp_cmp.lo libclamav_la-fp_cmp_d.lo \

-	libclamav_la-fp_cmp_mag.lo libclamav_la-fp_sub.lo \

-	libclamav_la-fp_sub_d.lo libclamav_la-fp_submod.lo \

-	libclamav_la-s_fp_add.lo libclamav_la-s_fp_sub.lo \

-	libclamav_la-fp_radix_size.lo libclamav_la-fp_read_radix.lo \

+	libclamav_la-hostid.lo libclamav_la-openioc.lo \

+	libclamav_la-fp_add.lo libclamav_la-fp_add_d.lo \

+	libclamav_la-fp_addmod.lo libclamav_la-fp_cmp.lo \

+	libclamav_la-fp_cmp_d.lo libclamav_la-fp_cmp_mag.lo \

+	libclamav_la-fp_sub.lo libclamav_la-fp_sub_d.lo \

+	libclamav_la-fp_submod.lo libclamav_la-s_fp_add.lo \

+	libclamav_la-s_fp_sub.lo libclamav_la-fp_radix_size.lo \

+	libclamav_la-fp_read_radix.lo \

 	libclamav_la-fp_read_signed_bin.lo \

 	libclamav_la-fp_read_unsigned_bin.lo \

 	libclamav_la-fp_reverse.lo libclamav_la-fp_s_rmap.lo \

@@ -426,11 +410,6 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \

 	install-pdf-recursive install-ps-recursive install-recursive \

 	installcheck-recursive installdirs-recursive pdf-recursive \

 	ps-recursive uninstall-recursive

-am__can_run_installinfo = \

-  case $$AM_UPDATE_INFO_DIR in \

-    n|no|NO) false;; \

-    *) (install-info --version) >/dev/null 2>&1;; \

-  esac

 HEADERS = $(include_HEADERS)

 RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive	\

   distclean-recursive maintainer-clean-recursive

@@ -806,8 +785,8 @@ libclamav_la_SOURCES = matcher-ac.c matcher-ac.h matcher-bm.c \

 	hfsplus.c hfsplus.h swf.c swf.h jpeg.c jpeg.h png.c png.h \

 	iso9660.c iso9660.h arc4.c arc4.h rijndael.c rijndael.h \

 	crtmgr.c crtmgr.h asn1.c asn1.h fpu.c fpu.h stats.c stats.h \

-	www.c www.h json.c json.h hostid.c hostid.h bignum.h \

-	bignum_fast.h tomsfastmath/addsub/fp_add.c \

+	www.c www.h json.c json.h hostid.c hostid.h openioc.c \

+	openioc.h bignum.h bignum_fast.h tomsfastmath/addsub/fp_add.c \

 	tomsfastmath/addsub/fp_add_d.c tomsfastmath/addsub/fp_addmod.c \

 	tomsfastmath/addsub/fp_cmp.c tomsfastmath/addsub/fp_cmp_d.c \

 	tomsfastmath/addsub/fp_cmp_mag.c tomsfastmath/addsub/fp_sub.c \

@@ -913,6 +892,7 @@ $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)

 $(am__aclocal_m4_deps):

 install-libLTLIBRARIES: $(lib_LTLIBRARIES)

 	@$(NORMAL_INSTALL)

+	test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"

 	@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \

 	list2=; for p in $$list; do \

 	  if test -f $$p; then \

@@ -920,8 +900,6 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)

 	  else :; fi; \

 	done; \

 	test -z "$$list2" || { \

-	  echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \

-	  $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \

 	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \

 	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \

 	}

@@ -1160,6 +1138,7 @@ distclean-compile:

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-mspack.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-nulsft.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-ole2_extract.Plo@am__quote@

+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-openioc.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-others.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-packlibs.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-pdf.Plo@am__quote@

@@ -2162,6 +2141,13 @@ libclamav_la-hostid.lo: hostid.c

 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

 @am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -c -o libclamav_la-hostid.lo `test -f 'hostid.c' || echo '$(srcdir)/'`hostid.c

+libclamav_la-openioc.lo: openioc.c

+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -MT libclamav_la-openioc.lo -MD -MP -MF $(DEPDIR)/libclamav_la-openioc.Tpo -c -o libclamav_la-openioc.lo `test -f 'openioc.c' || echo '$(srcdir)/'`openioc.c

+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libclamav_la-openioc.Tpo $(DEPDIR)/libclamav_la-openioc.Plo

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='openioc.c' object='libclamav_la-openioc.lo' libtool=yes @AMDEPBACKSLASH@

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -c -o libclamav_la-openioc.lo `test -f 'openioc.c' || echo '$(srcdir)/'`openioc.c

+

 libclamav_la-fp_add.lo: tomsfastmath/addsub/fp_add.c

 @am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -MT libclamav_la-fp_add.lo -MD -MP -MF $(DEPDIR)/libclamav_la-fp_add.Tpo -c -o libclamav_la-fp_add.lo `test -f 'tomsfastmath/addsub/fp_add.c' || echo '$(srcdir)/'`tomsfastmath/addsub/fp_add.c

 @am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libclamav_la-fp_add.Tpo $(DEPDIR)/libclamav_la-fp_add.Plo

@@ -2953,11 +2939,8 @@ clean-libtool:

 	-rm -rf .libs _libs

 install-includeHEADERS: $(include_HEADERS)

 	@$(NORMAL_INSTALL)

+	test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)"

 	@list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \

-	if test -n "$$list"; then \

-	  echo " $(MKDIR_P) '$(DESTDIR)$(includedir)'"; \

-	  $(MKDIR_P) "$(DESTDIR)$(includedir)" || exit 1; \

-	fi; \

 	for p in $$list; do \

 	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \

 	  echo "$$d$$p"; \

@@ -3140,10 +3123,13 @@ distdir: $(DISTFILES)

 	done

 	@list='$(DIST_SUBDIRS)'; for subdir in $$list; do \

 	  if test "$$subdir" = .; then :; else \

-	    $(am__make_dryrun) \

-	      || test -d "$(distdir)/$$subdir" \

-	      || $(MKDIR_P) "$(distdir)/$$subdir" \

-	      || exit 1; \

+	    test -d "$(distdir)/$$subdir" \

+	    || $(MKDIR_P) "$(distdir)/$$subdir" \

+	    || exit 1; \

+	  fi; \

+	done

+	@list='$(DIST_SUBDIRS)'; for subdir in $$list; do \

+	  if test "$$subdir" = .; then :; else \

 	    dir1=$$subdir; dir2="$(distdir)/$$subdir"; \

 	    $(am__relativize); \

 	    new_distdir=$$reldir; \

new file mode 100644

@@ -0,0 +1,288 @@

+/*

+ *  Copyright (C) 2014 Cisco Systems, Inc.

+ *

+ *  Authors: Steven Morgan <smorgan@sourcefire.com>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License version 2 as

+ *  published by the Free Software Foundation.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

+ *  MA 02110-1301, USA.

+ */

+

+#if HAVE_CONFIG_H

+#include "clamav-config.h"

+#endif

+#include <stdio.h>

+#include <stdlib.h>

+#include <dirent.h>

+#include <errno.h>

+#include <string.h>

+

+#if HAVE_LIBXML2

+#ifdef _WIN32

+#ifndef LIBXML_WRITER_ENABLED

+#define LIBXML_WRITER_ENABLED 1

+#endif

+#endif

+#include <libxml/xmlreader.h>

+#endif

+

+#include <openssl/ssl.h>

+#include <openssl/err.h>

+

+#include "libclamav/crypto.h"

+#include "others.h"

+#include "openioc.h"

+

+struct openioc_hash {

+    unsigned char * hash;

+    void * next;

+};

+

+static const xmlChar * openioc_read(xmlTextReaderPtr reader)

+{

+    const xmlChar * name;

+    if (xmlTextReaderRead(reader) != 1)

+        return NULL;

+    name = xmlTextReaderConstLocalName(reader);

+    if (name != NULL) {

+        cli_dbgmsg("cli_openioc: xmlTextReaderRead read %s%s\n", name,

+                   xmlTextReaderNodeType(reader) == XML_READER_TYPE_END_ELEMENT?" end tag":"");

+    }

+    return name;   

+}

+

+static int openioc_parse_content(xmlTextReaderPtr reader, struct openioc_hash ** elems)

+{

+    xmlChar * type = xmlTextReaderGetAttribute(reader, (const xmlChar *)"type");

+    const xmlChar * xmlval;

+    struct openioc_hash * elem;

+    int rc = CL_SUCCESS;

+

+    if (type == NULL) {

+        cli_dbgmsg("cli_openioc: xmlTextReaderGetAttribute no type attribute "

+                   "for <Content> element\n");

+        return rc;

+    } else { 

+        if (xmlStrcasecmp(type, (const xmlChar *)"sha1") &&

+            xmlStrcasecmp(type, (const xmlChar *)"sha256") &&

+            xmlStrcasecmp(type, (const xmlChar *)"md5")) {

+            xmlFree(type);

+            return rc;

+        }

+    }

+    xmlFree(type);

+    

+    if (xmlTextReaderRead(reader) == 1 && xmlTextReaderNodeType(reader) == XML_READER_TYPE_TEXT) {

+        xmlval = xmlTextReaderConstValue(reader);

+        if (xmlval) {

+            elem = cli_calloc(1, sizeof(struct openioc_hash));

+            if (NULL == elem) {

+                cli_dbgmsg("cli_openioc: calloc fails for openioc_hash.\n");

+                return CL_EMEM;

+            }

+            elem->hash = xmlStrdup(xmlval);

+            elem->next = *elems;

+            *elems = elem; 

+        } else {

+            cli_dbgmsg("cli_openioc: xmlTextReaderConstValue() returns NULL for Content md5 value.\n");           

+        }

+    }

+    else {

+        cli_dbgmsg("cli_openioc: No text for XML Content element.\n");

+    }

+    return rc;

+}

+

+static int openioc_parse_indicatoritem(xmlTextReaderPtr reader, struct openioc_hash ** elems)

+{

+    const xmlChar * name;

+    int rc = CL_SUCCESS;

+

+    while (1) {

+        name = openioc_read(reader);

+        if (name == NULL)

+            break;

+        if (xmlStrEqual(name, (const xmlChar *)"Content") && 

+            xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {

+            rc = openioc_parse_content(reader, elems);

+            if (rc != CL_SUCCESS) {

+                cli_dbgmsg("cli_openioc: openioc_parse_content error.\n");

+                break;

+            }

+        } else if (xmlStrEqual(name, (const xmlChar *)"IndicatorItem") &&

+                   xmlTextReaderNodeType(reader) == XML_READER_TYPE_END_ELEMENT) {

+            break;

+        }

+    }

+    return rc;

+}

+

+static int openioc_parse_indicator(xmlTextReaderPtr reader, struct openioc_hash ** elems)

+{

+    const xmlChar * name;

+    int rc = CL_SUCCESS;

+

+    while (1) {

+        name = openioc_read(reader);

+        if (name == NULL)

+            return rc;

+        if (xmlStrEqual(name, (const xmlChar *)"Indicator") && 

+            xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {

+            rc = openioc_parse_indicator(reader, elems);

+            if (rc != CL_SUCCESS) {

+                cli_dbgmsg("cli_openioc: openioc_parse_indicator recursion error.\n");

+                break;

+            }

+        } else if (xmlStrEqual(name, (const xmlChar *)"IndicatorItem") && 

+            xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {

+            rc = openioc_parse_indicatoritem(reader, elems);

+            if (rc != CL_SUCCESS) {

+                cli_dbgmsg("cli_openioc: openioc_parse_indicatoritem error.\n");

+                break;

+            }

+        } else if (xmlStrEqual(name, (const xmlChar *)"Indicator") &&

+                   xmlTextReaderNodeType(reader) == XML_READER_TYPE_END_ELEMENT) {

+            break;

+        }

+    }

+    return rc;

+}

+

+int openioc_parse(const char * fname, int fd, struct cl_engine *engine)

+{

+    int rc;

+    xmlTextReaderPtr reader = NULL;

+    const xmlChar * name;

+    struct openioc_hash * elems = NULL, * elem = NULL;

+    const char * iocp = NULL;

+    char iocname[MAXPATHLEN] = {0};

+    uint16_t ioclen;

+    char * virusname;

+    

+    if (fname == NULL)

+        return CL_ENULLARG;

+

+    if (fd < 0)

+        return CL_EARG;

+

+    cli_dbgmsg("cli_openioc: XML parsing file %s\n", fname);

+

+    reader = xmlReaderForFd(fd, NULL, NULL, 0);

+    if (reader == NULL) {

+        cli_dbgmsg("cli_openioc: xmlReaderForFd error\n");

+        return CL_EOPEN;

+    }

+    rc = xmlTextReaderRead(reader);

+    while (rc == 1) {

+        name = xmlTextReaderConstLocalName(reader);

+        cli_dbgmsg("cli_openioc: xmlTextReaderRead read %s\n", name);

+        if (xmlStrEqual(name, (const xmlChar *)"Indicator") && 

+            xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT) {

+            rc = openioc_parse_indicator(reader, &elems);

+            if (rc != CL_SUCCESS) {

+                cli_dbgmsg("cli_openioc: openioc_parse_indicator error.\n");

+                return rc;

+            }

+        }

+        if (xmlStrEqual(name, (const xmlChar *)"ioc") &&

+            xmlTextReaderNodeType(reader) == XML_READER_TYPE_END_ELEMENT) {

+            break;

+        }

+        rc = xmlTextReaderRead(reader);

+    }

+

+    iocp = strrchr(fname, *PATHSEP);

+

+    if (NULL == iocp)

+        iocp = fname;

+    else

+        iocp++;

+

+    strncpy(iocname, iocp, MAXPATHLEN-1);

+    ioclen = strlen(iocname);

+

+    if (elems != NULL) {

+        if (NULL == engine->hm_hdb) {

+            engine->hm_hdb = mpool_calloc(engine->mempool, 1, sizeof(struct cli_matcher));

+            if (NULL == engine->hm_hdb)            

+                return CL_EMEM;

+#ifdef USE_MPOOL

+            engine->hm_hdb->mempool = engine->mempool;

+#endif

+        }

+    }

+

+    while (elems != NULL) {

+        char * hash, * sp, * vp;

+        int i, hashlen;

+

+        elem = elems;

+        elems = elems->next;

+        hash = elem->hash;

+        while (isspace(*hash))

+            hash++;

+        hashlen = strlen(hash);

+        if (hashlen == 0) {

+            xmlFree(elem->hash);

+            free(elem);

+            continue;

+        }

+        sp = hash+hashlen-1;

+        while (isspace(*sp) && sp > hash) {

+            *sp-- = '\0';

+            hashlen--;

+        }

+        virusname = cli_malloc(ioclen+hashlen+2);

+        if (NULL == virusname) {

+            cli_dbgmsg("cli_openioc: malloc virname failed.\n");

+            return CL_EMEM;

+        }

+        vp = virusname;

+        sp = iocname;

+        for (i=0; i<ioclen; i++, sp++, vp++) {

+            switch (*sp) {

+            case '\\':

+            case '/':

+            case '?':

+            case '%':

+            case '*':

+            case ':':

+            case '|':

+            case '"':

+            case '<':

+            case '>':

+                *vp = '_';

+            default:

+                if (isspace(*sp))

+                    *vp = '_';

+                else

+                    *vp = *sp;

+            }

+        }

+        *vp++ = '.';

+        sp = hash;

+        for (i=0; i<hashlen; i++, sp++) {

+            if (isxdigit(*sp)) {

+                *vp++ = *sp;

+            }

+        }

+        *vp = '\0';

+        rc = hm_addhash_str(engine->hm_hdb, hash, 0, virusname);

+        if (rc != CL_SUCCESS) {

+            cli_dbgmsg("cli_openioc: hm_addhash_str failed with %i hash len %i for %s.\n",

+                       rc, hashlen, virusname);

+        }

+        xmlFree(elem->hash);

+        free(elem);

+    }

+}

new file mode 100644

@@ -0,0 +1,26 @@

+/*

+ *  Copyright (C) 2014 Cisco Systems, Inc.

+ *

+ *  Authors: Steven Morgan <smorgan@sourcefire.com>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License version 2 as

+ *  published by the Free Software Foundation.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

+ *  MA 02110-1301, USA.

+ */

+

+#ifndef _OPENIOC_H_ 

+#define _OPENIOC_H_ 

+

+int openioc_parse(const char * fname, int fd, struct cl_engine *engine);

+

+#endif

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2007-2012 Sourcefire, Inc.

+ *  Copyright (C) 2007-2014 Cisco Systems, Inc.

  *

  *  Authors: Tomasz Kojm

  *

@@ -79,6 +79,7 @@

 #include "bytecode_api.h"

 #include "bytecode_priv.h"

 #include "cache.h"

+#include "openioc.h"

 #ifdef CL_THREAD_SAFE

 #  include <pthread.h>

 static pthread_mutex_t cli_ref_mutex = PTHREAD_MUTEX_INITIALIZER;

@@ -2601,6 +2602,14 @@ static int cli_loadmscat(FILE *fs, const char *dbname, struct cl_engine *engine,

     return 0;

 }

+static int cli_loadopenioc(FILE *fs, const char *dbname, struct cl_engine *engine)

+{

+    int rc;

+    rc = openioc_parse(dbname, fileno(fs), engine);

+    if (rc != CL_SUCCESS)

+        return CL_EMALFDB;

+}

+

 static int cli_loaddbdir(const char *dirname, struct cl_engine *engine, unsigned int *signo, unsigned int options);

 int cli_load(const char *filename, struct cl_engine *engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio)

@@ -2729,6 +2738,8 @@ int cli_load(const char *filename, struct cl_engine *engine, unsigned int *signo

     	ret = cli_loadcdb(fs, engine, signo, options, dbio);

     } else if(cli_strbcasestr(dbname, ".cat")) {

 	ret = cli_loadmscat(fs, dbname, engine, options, dbio);

+    } else if(cli_strbcasestr(dbname, ".ioc")) {

+	ret = cli_loadopenioc(fs, dbname, engine);

     } else {

 	cli_dbgmsg("cli_load: unknown extension - assuming old database format\n");

 	ret = cli_loaddb(fs, engine, signo, options, dbio, dbname);

@@ -2935,7 +2946,7 @@ static int cli_loaddbdir(const char *dirname, struct cl_engine *engine, unsigned

     }

     closedir(dd);

     if(ret == CL_EOPEN)

-	cli_errmsg("cli_loaddb(): No supported database files found in %s\n", dirname);

+	cli_errmsg("cli_loaddbdir(): No supported database files found in %s\n", dirname);

     return ret;

 }

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2007-2009 Sourcefire, Inc.

+ *  Copyright (C) 2007-2014 Cisco Systems, Inc.

  *

  *  Authors: Tomasz Kojm

  *

@@ -61,7 +61,8 @@

 	cli_strbcasestr(ext, ".cdb")   ||	\

 	cli_strbcasestr(ext, ".cat")   ||	\

 	cli_strbcasestr(ext, ".crb")   ||	\

-	cli_strbcasestr(ext, ".idb")		\

+	cli_strbcasestr(ext, ".idb")   ||	\

+	cli_strbcasestr(ext, ".ioc")		\

     )

 char *cli_virname(char *virname, unsigned int official);