Bug #7 » 0001-Fixing-alert-unified-log-file-rotation.-Adding-unitt.patch
| src/alert-debuglog.c | ||
|---|---|---|
|
printf("ERROR: failed to open %s: %s\n", log_path, strerror(errno));
|
||
|
return -1;
|
||
|
}
|
||
|
if(file_ctx->config_file == NULL)
|
||
|
file_ctx->config_file = strdup("configfile.ad");
|
||
|
/** Remember the config file (or NULL if not indicated) */
|
||
|
}
|
||
|
return ret;
|
||
| src/alert-fastlog.c | ||
|---|---|---|
|
printf("ERROR: failed to open %s: %s\n", log_path, strerror(errno));
|
||
|
return -1;
|
||
|
}
|
||
|
if(file_ctx->config_file == NULL)
|
||
|
file_ctx->config_file = strdup("config.af");
|
||
|
/** Remember the config file (or NULL if not indicated) */
|
||
|
}
|
||
|
return 0;
|
||
| src/alert-unified-alert.c | ||
|---|---|---|
|
TmEcode AlertUnifiedAlertThreadInit(ThreadVars *, void *, void **);
|
||
|
TmEcode AlertUnifiedAlertThreadDeinit(ThreadVars *, void *);
|
||
|
int AlertUnifiedAlertOpenFileCtx(LogFileCtx *, char *);
|
||
|
void AlertUnifiedAlertRegisterTests (void);
|
||
|
void TmModuleAlertUnifiedAlertRegister (void) {
|
||
|
tmm_modules[TMM_ALERTUNIFIEDALERT].name = "AlertUnifiedAlert";
|
||
|
tmm_modules[TMM_ALERTUNIFIEDALERT].ThreadInit = AlertUnifiedAlertThreadInit;
|
||
|
tmm_modules[TMM_ALERTUNIFIEDALERT].Func = AlertUnifiedAlert;
|
||
|
tmm_modules[TMM_ALERTUNIFIEDALERT].ThreadDeinit = AlertUnifiedAlertThreadDeinit;
|
||
|
tmm_modules[TMM_ALERTUNIFIEDALERT].RegisterTests = NULL;
|
||
|
tmm_modules[TMM_ALERTUNIFIEDALERT].RegisterTests = AlertUnifiedAlertRegisterTests;
|
||
|
}
|
||
|
typedef struct AlertUnifiedAlertThread_ {
|
||
| ... | ... | |
|
}
|
||
|
int AlertUnifiedAlertCloseFile(ThreadVars *t, AlertUnifiedAlertThread *aun) {
|
||
|
if (aun->file_ctx->fp != NULL)
|
||
|
if (aun->file_ctx->fp != NULL) {
|
||
|
fclose(aun->file_ctx->fp);
|
||
|
if (aun->file_ctx->filename != NULL) {
|
||
|
free(aun->file_ctx->filename);
|
||
|
aun->file_ctx->filename = NULL;
|
||
|
}
|
||
|
}
|
||
|
return 0;
|
||
|
}
|
||
| ... | ... | |
|
}
|
||
|
/** Use the Ouptut Context (file pointer and mutex) */
|
||
|
aun->file_ctx = (LogFileCtx*) initdata;
|
||
|
aun->size_limit = 30;
|
||
|
/** Write Unified header */
|
||
|
int ret = AlertUnifiedAlertWriteFileHeader(t, aun);
|
||
| ... | ... | |
|
* */
|
||
|
LogFileCtx *AlertUnifiedAlertInitCtx(char *config_file)
|
||
|
{
|
||
|
int ret=0;
|
||
|
LogFileCtx* file_ctx=LogFileNewCtx();
|
||
|
int ret = 0;
|
||
|
LogFileCtx *file_ctx = LogFileNewCtx();
|
||
|
if(file_ctx == NULL)
|
||
|
{
|
||
|
if (file_ctx == NULL) {
|
||
|
printf("AlertUnifiedAlertInitCtx: Couldn't create new file_ctx\n");
|
||
|
return NULL;
|
||
|
}
|
||
|
/** fill the new LogFileCtx with the specific AlertUnifiedAlert configuration */
|
||
|
ret=AlertUnifiedAlertOpenFileCtx(file_ctx, config_file);
|
||
|
ret = AlertUnifiedAlertOpenFileCtx(file_ctx, config_file);
|
||
|
if(ret < 0)
|
||
|
if (ret < 0)
|
||
|
return NULL;
|
||
|
/** In AlertUnifiedAlertOpenFileCtx the second parameter should be the configuration file to use
|
||
|
* but it's not implemented yet, so passing NULL to load the default
|
||
|
* configuration
|
||
|
/** In AlertUnifiedAlertOpenFileCtx the second parameter should be
|
||
|
* the configuration file to use but it's not implemented yet, so
|
||
|
* passing NULL to load the default configuration
|
||
|
*/
|
||
|
return file_ctx;
|
||
| ... | ... | |
|
* */
|
||
|
int AlertUnifiedAlertOpenFileCtx(LogFileCtx *file_ctx, char *config_file)
|
||
|
{
|
||
|
char filename[PATH_MAX]; /* XXX some sane default? */
|
||
|
char *filename = malloc(PATH_MAX); /* XXX some sane default? */
|
||
|
if(config_file == NULL)
|
||
|
{
|
||
|
if (config_file == NULL) {
|
||
|
/** Separate config files not implemented at the moment,
|
||
|
* but it must be able to load from separate config file.
|
||
|
* Load the default configuration.
|
||
| ... | ... | |
|
char *log_dir;
|
||
|
if (ConfGet("default-log-dir", &log_dir) != 1)
|
||
|
log_dir = DEFAULT_LOG_DIR;
|
||
|
snprintf(filename, sizeof(filename), "%s/%s.%" PRIu32, log_dir, "unified.alert", (uint32_t)ts.tv_sec);
|
||
|
snprintf(filename, PATH_MAX, "%s/%s.%" PRIu32, log_dir, "unified.alert", (uint32_t)ts.tv_sec);
|
||
|
/* XXX filename & location */
|
||
|
file_ctx->fp = fopen(filename, "wb");
|
||
| ... | ... | |
|
printf("Error: fopen %s failed: %s\n", filename, strerror(errno)); /* XXX errno threadsafety? */
|
||
|
return -1;
|
||
|
}
|
||
|
if(file_ctx->config_file == NULL)
|
||
|
file_ctx->config_file = strdup("configfile.aua");
|
||
|
/** Remember the config file (or NULL if not indicated) */
|
||
|
file_ctx->filename = filename;
|
||
|
}
|
||
|
return 0;
|
||
|
}
|
||
|
#ifdef UNITTESTS
|
||
|
/**
|
||
|
* \test Test the Rotate process
|
||
|
*
|
||
|
* \retval 1 on succces
|
||
|
* \retval 0 on failure
|
||
|
*/
|
||
|
static int AlertUnifiedAlertTestRotate01(void)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
int r = 0;
|
||
|
ThreadVars tv;
|
||
|
LogFileCtx *lf;
|
||
|
void *data = NULL;
|
||
|
lf = AlertUnifiedAlertInitCtx(NULL);
|
||
|
char *filename = strdup(lf->filename);
|
||
|
memset(&tv, 0, sizeof(ThreadVars));
|
||
|
if (lf == NULL)
|
||
|
return 0;
|
||
|
ret = AlertUnifiedAlertThreadInit(&tv, lf, &data);
|
||
|
if (ret == TM_ECODE_FAILED) {
|
||
|
LogFileFreeCtx(lf);
|
||
|
return 0;
|
||
|
}
|
||
|
sleep(1);
|
||
|
ret = AlertUnifiedAlertRotateFile(&tv, data);
|
||
|
if (ret == -1)
|
||
|
goto error;
|
||
|
if (strcmp(filename, lf->filename) == 0)
|
||
|
goto error;
|
||
|
r = 1;
|
||
|
error:
|
||
|
AlertUnifiedAlertThreadDeinit(&tv, data);
|
||
|
if (lf != NULL) LogFileFreeCtx(lf);
|
||
|
if (filename != NULL) free(filename);
|
||
|
return r;
|
||
|
}
|
||
|
#endif /* UNITTESTS */
|
||
|
/**
|
||
|
* \brief this function registers unit tests for Unified2
|
||
|
*/
|
||
|
void AlertUnifiedAlertRegisterTests (void) {
|
||
|
#ifdef UNITTESTS
|
||
|
UtRegisterTest("UnifiedAlertTestRotate01 -- Rotate File",
|
||
|
AlertUnifiedAlertTestRotate01, 1);
|
||
|
#endif /* UNITTESTS */
|
||
|
}
|
||
| src/alert-unified-log.c | ||
|---|---|---|
|
TmEcode AlertUnifiedLogThreadInit(ThreadVars *, void *, void **);
|
||
|
TmEcode AlertUnifiedLogThreadDeinit(ThreadVars *, void *);
|
||
|
int AlertUnifiedLogOpenFileCtx(LogFileCtx *, char *);
|
||
|
void AlertUnifiedLogRegisterTests(void);
|
||
|
void TmModuleAlertUnifiedLogRegister (void) {
|
||
|
tmm_modules[TMM_ALERTUNIFIEDLOG].name = "AlertUnifiedLog";
|
||
|
tmm_modules[TMM_ALERTUNIFIEDLOG].ThreadInit = AlertUnifiedLogThreadInit;
|
||
|
tmm_modules[TMM_ALERTUNIFIEDLOG].Func = AlertUnifiedLog;
|
||
|
tmm_modules[TMM_ALERTUNIFIEDLOG].ThreadDeinit = AlertUnifiedLogThreadDeinit;
|
||
|
tmm_modules[TMM_ALERTUNIFIEDLOG].RegisterTests = NULL;
|
||
|
tmm_modules[TMM_ALERTUNIFIEDLOG].RegisterTests = AlertUnifiedLogRegisterTests;
|
||
|
}
|
||
|
typedef struct AlertUnifiedLogThread_ {
|
||
| ... | ... | |
|
}
|
||
|
int AlertUnifiedLogCloseFile(ThreadVars *t, AlertUnifiedLogThread *aun) {
|
||
|
if (aun->file_ctx->fp != NULL)
|
||
|
if (aun->file_ctx->fp != NULL) {
|
||
|
fclose(aun->file_ctx->fp);
|
||
|
if (aun->file_ctx->filename != NULL) {
|
||
|
free(aun->file_ctx->filename);
|
||
|
aun->file_ctx->filename = NULL;
|
||
|
}
|
||
|
}
|
||
|
return 0;
|
||
|
}
|
||
| ... | ... | |
|
* */
|
||
|
int AlertUnifiedLogOpenFileCtx(LogFileCtx *file_ctx, char *config_file)
|
||
|
{
|
||
|
char filename[PATH_MAX]; /* XXX some sane default? */
|
||
|
char *filename = malloc(PATH_MAX); /* XXX some sane default? */
|
||
|
if(config_file == NULL)
|
||
|
{
|
||
| ... | ... | |
|
char *log_dir;
|
||
|
if (ConfGet("default-log-dir", &log_dir) != 1)
|
||
|
log_dir = DEFAULT_LOG_DIR;
|
||
|
snprintf(filename, sizeof(filename), "%s/%s.%" PRIu32, log_dir, "unified.log", (uint32_t)ts.tv_sec);
|
||
|
snprintf(filename, PATH_MAX, "%s/%s.%" PRIu32, log_dir, "unified.log", (uint32_t)ts.tv_sec);
|
||
|
/* XXX filename & location */
|
||
|
file_ctx->fp = fopen(filename, "wb");
|
||
| ... | ... | |
|
printf("Error: fopen %s failed: %s\n", filename, strerror(errno)); /* XXX errno threadsafety? */
|
||
|
return -1;
|
||
|
}
|
||
|
file_ctx->filename = filename;
|
||
|
}
|
||
|
return 0;
|
||
|
}
|
||
|
#ifdef UNITTESTS
|
||
|
/**
|
||
|
* \test Test the Rotate process
|
||
|
*
|
||
|
* \retval 1 on succces
|
||
|
* \retval 0 on failure
|
||
|
*/
|
||
|
static int AlertUnifiedLogTestRotate01(void)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
int r = 0;
|
||
|
ThreadVars tv;
|
||
|
LogFileCtx *lf;
|
||
|
void *data = NULL;
|
||
|
if(file_ctx->config_file == NULL)
|
||
|
file_ctx->config_file = strdup("configfile.aul");
|
||
|
/** Remember the config file (or NULL if not indicated) */
|
||
|
lf = AlertUnifiedLogInitCtx(NULL);
|
||
|
char *filename = strdup(lf->filename);
|
||
|
memset(&tv, 0, sizeof(ThreadVars));
|
||
|
if (lf == NULL)
|
||
|
return 0;
|
||
|
ret = AlertUnifiedLogThreadInit(&tv, lf, &data);
|
||
|
if (ret == TM_ECODE_FAILED) {
|
||
|
LogFileFreeCtx(lf);
|
||
|
return 0;
|
||
|
}
|
||
|
return 0;
|
||
|
sleep(1);
|
||
|
ret = AlertUnifiedLogRotateFile(&tv, data);
|
||
|
if (ret == -1)
|
||
|
goto error;
|
||
|
if (strcmp(filename, lf->filename) == 0)
|
||
|
goto error;
|
||
|
r = 1;
|
||
|
error:
|
||
|
AlertUnifiedLogThreadDeinit(&tv, data);
|
||
|
if (lf != NULL) LogFileFreeCtx(lf);
|
||
|
if (filename != NULL) free(filename);
|
||
|
return r;
|
||
|
}
|
||
|
#endif /* UNITTESTS */
|
||
|
/**
|
||
|
* \brief this function registers unit tests for Unified2
|
||
|
*/
|
||
|
void AlertUnifiedLogRegisterTests (void) {
|
||
|
#ifdef UNITTESTS
|
||
|
UtRegisterTest("UnifiedAlertTestRotate01 -- Rotate File",
|
||
|
AlertUnifiedLogTestRotate01, 1);
|
||
|
#endif /* UNITTESTS */
|
||
|
}
|
||
| src/alert-unified2-alert.c | ||
|---|---|---|
|
*/
|
||
|
int Unified2AlertCloseFile(ThreadVars *t, Unified2AlertThread *aun) {
|
||
|
if (aun->file_ctx->fp != NULL)
|
||
|
if (aun->file_ctx->fp != NULL) {
|
||
|
fclose(aun->file_ctx->fp);
|
||
|
if (aun->file_ctx->filename != NULL) {
|
||
|
free(aun->file_ctx->filename);
|
||
|
aun->file_ctx->filename = NULL;
|
||
|
}
|
||
|
}
|
||
|
return 0;
|
||
|
}
|
||
| ... | ... | |
|
* */
|
||
|
int Unified2AlertOpenFileCtx(LogFileCtx *file_ctx, char *config_file)
|
||
|
{
|
||
|
char filename[PATH_MAX]; /* XXX some sane default? */
|
||
|
char *filename = malloc(PATH_MAX); /* XXX some sane default? */
|
||
|
if(config_file == NULL)
|
||
|
{
|
||
|
if (config_file == NULL) {
|
||
|
/** Separate config files not implemented at the moment,
|
||
|
* but it must be able to load from separate config file.
|
||
|
* Load the default configuration.
|
||
| ... | ... | |
|
* This is used both during init and runtime, so it must be thread
|
||
|
* safe. */
|
||
|
struct timeval ts;
|
||
|
memset (&ts, 0, sizeof(struct timeval));
|
||
|
memset(&ts, 0, sizeof(struct timeval));
|
||
|
gettimeofday(&ts, NULL);
|
||
|
/* create the filename to use */
|
||
|
char *log_dir;
|
||
|
if (ConfGet("default-log-dir", &log_dir) != 1)
|
||
|
log_dir = DEFAULT_LOG_DIR;
|
||
|
snprintf(filename, sizeof(filename), "%s/%s.%" PRIu32, log_dir, "unified2.alert", (uint32_t)ts.tv_sec);
|
||
|
snprintf(filename, PATH_MAX, "%s/%s.%" PRIu32, log_dir, "unified2.alert", (uint32_t)ts.tv_sec);
|
||
|
/* XXX filename & location */
|
||
|
file_ctx->fp = fopen(filename, "wb");
|
||
| ... | ... | |
|
printf("Error: fopen %s failed: %s\n", filename, strerror(errno)); /* XXX errno threadsafety? */
|
||
|
return -1;
|
||
|
}
|
||
|
if(file_ctx->config_file == NULL)
|
||
|
file_ctx->config_file = strdup("configfile.au2a");
|
||
|
/** Remember the config file (or NULL if not indicated) */
|
||
|
file_ctx->filename = filename;
|
||
|
}
|
||
|
return 0;
|
||
| ... | ... | |
|
return 1;
|
||
|
}
|
||
|
/**
|
||
|
* \test Test the Rotate process
|
||
|
*
|
||
|
* \retval 1 on succces
|
||
|
* \retval 0 on failure
|
||
|
*/
|
||
|
static int Unified2TestRotate01(void)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
int r = 0;
|
||
|
ThreadVars tv;
|
||
|
LogFileCtx *lf;
|
||
|
void *data = NULL;
|
||
|
lf = Unified2AlertInitCtx(NULL);
|
||
|
char *filename = strdup(lf->filename);
|
||
|
memset(&tv, 0, sizeof(ThreadVars));
|
||
|
if (lf == NULL)
|
||
|
return 0;
|
||
|
ret = Unified2AlertThreadInit(&tv, lf, &data);
|
||
|
if (ret == TM_ECODE_FAILED) {
|
||
|
LogFileFreeCtx(lf);
|
||
|
return 0;
|
||
|
}
|
||
|
sleep(1);
|
||
|
ret = Unified2AlertRotateFile(&tv, data);
|
||
|
if (ret == -1)
|
||
|
goto error;
|
||
|
if (strcmp(filename, lf->filename) == 0)
|
||
|
goto error;
|
||
|
r = 1;
|
||
|
error:
|
||
|
Unified2AlertThreadDeinit(&tv, data);
|
||
|
if (lf != NULL) LogFileFreeCtx(lf);
|
||
|
if (filename != NULL) free(filename);
|
||
|
return r;
|
||
|
}
|
||
|
#endif
|
||
|
/**
|
||
|
* \brief this function registers unit tests for Unified2
|
||
|
*/
|
||
|
void Unified2RegisterTests (void) {
|
||
|
#ifdef UNITTESTS
|
||
|
UtRegisterTest("Unified2Test01 -- Ipv4 test", Unified2Test01, 1);
|
||
| ... | ... | |
|
UtRegisterTest("Unified2Test03 -- GRE test", Unified2Test03, 1);
|
||
|
UtRegisterTest("Unified2Test04 -- PPP test", Unified2Test04, 1);
|
||
|
UtRegisterTest("Unified2Test05 -- Inline test", Unified2Test05, 1);
|
||
|
UtRegisterTest("Unified2TestRotate01 -- Rotate File", Unified2TestRotate01, 1);
|
||
|
#endif /* UNITTESTS */
|
||
|
}
|
||