- Timestamp:
- Oct 29, 2008, 8:59:18 PM (16 years ago)
- Location:
- trunk/src
- Files:
-
- 1 added
- 9 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/sh_cat.c
r183 r185 272 272 { MSG_E_ACCESS, SH_ERR_ERR, ERR, N_("msg=\"File not accessible\" userid=\"%ld\" path=\"%s\"")}, 273 273 { MSG_E_READ, SH_ERR_ERR, ERR, N_("msg=\"Not accessible or not a regular file\" path=\"%s\"")}, 274 { MSG_E_NOTREG, SH_ERR_ERR, ERR, N_("msg=\"Not a regular file\" path=\"%s\"")}, 274 275 { MSG_E_TIMEOUT, SH_ERR_ERR, ERR, N_("msg=\"Timeout (%d sec) while checksumming file\" path=\"%s\"")}, 275 276 { MSG_NODEV, SH_ERR_ERR, ERR, N_("msg=\"Device not available or timeout during read attempt\" userid=\"%ld\" path=\"%s\"")}, … … 599 600 { MSG_E_ACCESS, SH_ERR_ERR, ERR, N_("msg=<File not accessible>, userid=<%ld>, path=<%s>")}, 600 601 { MSG_E_READ, SH_ERR_ERR, ERR, N_("msg=<Not accessible or not a regular file>, path=<%s>")}, 602 { MSG_E_NOTREG, SH_ERR_ERR, ERR, N_("msg=<Not a regular file>, path=<%s>")}, 601 603 { MSG_E_TIMEOUT, SH_ERR_ERR, ERR, N_("msg=<Timeout (%d sec) while checksumming file>, path=<%s>")}, 602 604 { MSG_NODEV, SH_ERR_ERR, ERR, N_("msg=<Device not available or timeout during read attempt>, userid=<%ld>, path=<%s>")}, -
trunk/src/sh_hash.c
r181 r185 1139 1139 char hashbuf[KEYBUF_SIZE]; 1140 1140 1141 int retval = 0; 1142 int exitval = EXIT_SUCCESS; 1143 1141 1144 SL_ENTER(_("sh_hash_init")); 1142 1145 … … 1170 1173 sh_error_handle ((-1), FIL__, __LINE__, fd, MSG_EXIT_ABORT1, 1171 1174 sh.prg_name); 1172 aud_exit (FIL__, __LINE__, EXIT_FAILURE); 1175 retval = 1; exitval = EXIT_FAILURE; 1176 goto unlock_and_return; 1173 1177 } 1174 1178 sl_rewind (fd); … … 1196 1200 sh_error_handle ((-1), FIL__, __LINE__, fd, MSG_EXIT_ABORT1, 1197 1201 sh.prg_name); 1198 aud_exit (FIL__, __LINE__, EXIT_FAILURE); 1202 retval = 1; exitval = EXIT_FAILURE; 1203 goto unlock_and_return; 1199 1204 } 1200 1205 … … 1216 1221 file_path('D', 'R') ) 1217 1222 ); 1218 aud_exit (FIL__, __LINE__, EXIT_FAILURE); 1223 retval = 1; exitval = EXIT_FAILURE; 1224 goto unlock_and_return; 1219 1225 } 1220 1226 sl_rewind (fd); … … 1226 1232 TPT((0, FIL__, __LINE__, _("msg=<Terminate.>\n"))); 1227 1233 --sig_raised; --sig_urgent; 1228 aud_exit (FIL__, __LINE__, EXIT_SUCCESS); 1234 retval = 1; exitval = EXIT_SUCCESS; 1235 goto unlock_and_return; 1229 1236 } 1230 1237 … … 1251 1258 TPT((0, FIL__, __LINE__, _("msg=<Terminate.>\n"))); 1252 1259 --sig_raised; --sig_urgent; 1253 aud_exit (FIL__, __LINE__, EXIT_SUCCESS); 1260 retval = 1; exitval = EXIT_SUCCESS; 1261 goto unlock_and_return; 1254 1262 } 1255 1263 … … 1307 1315 if (0 != sh_gpg_check_sign (0, fd, 2)) 1308 1316 { 1309 aud_exit (FIL__, __LINE__, EXIT_FAILURE); 1317 retval = 1; exitval = EXIT_FAILURE; 1318 goto unlock_and_return; 1310 1319 } 1311 1320 sl_rewind (fd); … … 1328 1337 TPT((0, FIL__, __LINE__, _("msg=<Terminate.>\n"))); 1329 1338 --sig_raised; --sig_urgent; 1330 aud_exit (FIL__, __LINE__, EXIT_SUCCESS); 1339 retval = 1; exitval = EXIT_SUCCESS; 1340 goto unlock_and_return; 1331 1341 } 1332 1342 … … 1357 1367 ; /* 'label at end of compound statement */ 1358 1368 SH_MUTEX_UNLOCK(mutex_hash); 1359 SL_RET0(_("sh_hash_init")); 1369 if (retval == 0) 1370 { 1371 SL_RET0(_("sh_hash_init")); 1372 } 1373 aud_exit (FIL__, __LINE__, exitval); 1360 1374 } 1361 1375 -
trunk/src/sh_log_check.c
r183 r185 29 29 */ 30 30 struct sh_logfile_type sh_logtypes_def[] = { 31 { "SYSLOG", NULL, sh_parse_syslog, NULL }, 32 { "APACHE", NULL, sh_parse_apache, sh_eval_fileinfo_apache }, 31 { "SYSLOG", NULL, sh_parse_syslog, NULL }, 32 { "SAMBA", sh_read_samba, sh_parse_samba, NULL }, 33 { "APACHE", NULL, sh_parse_apache, sh_eval_fileinfo_apache }, 33 34 #if defined(HAVE_SYS_ACCT_H) 34 { "PACCT", sh_read_pacct, sh_parse_pacct, NULL },35 { "PACCT", sh_read_pacct, sh_parse_pacct, NULL }, 35 36 #endif 36 37 }; … … 369 370 { 370 371 logrecord->filename = thisfile->filename; 371 372 sh_eval_process_msg(logrecord); 372 373 /* Don't report if 'init', just set file pointer 374 */ 375 if (sh.flag.checkSum != SH_CHECK_INIT) 376 { 377 sh_eval_process_msg(logrecord); 378 } 373 379 374 380 if (logrecord->message) … … 378 384 if (logrecord->prefix) 379 385 sh_string_destroy(&(logrecord->prefix)); 386 if (logrecord->timestr) 387 sh_string_destroy(&(logrecord->timestr)); 380 388 SH_FREE(logrecord); 381 389 } … … 383 391 else 384 392 { 385 (void) sh_string_truncate(record,0);393 record = sh_string_new(0); 386 394 break; 387 395 } … … 617 625 return NULL; 618 626 } 627 return s; 628 } 629 630 if (0 != sh_open_for_reader(logfile)) 631 goto start_read; 632 633 return NULL; 634 } 635 636 /****************************************************** 637 * Reader for continued text files 638 */ 639 sh_string * sh_cont_reader (sh_string * s, struct sh_logfile * logfile, char*cont) 640 { 641 int status; 642 char * tmp; 643 sh_string * str; 644 int remain = 8192; 645 int count = 0; 646 647 if (!sh_string_truncate(s, 0)) 648 return NULL; 649 650 start_read: 651 652 if (logfile->fp) 653 { 654 str = sh_string_new(0); 655 656 /* Result cannot be larger than 8192, thus cast is ok 657 */ 658 status = (int) sh_string_read(str, logfile->fp, 8192); 659 660 if (status > 0) 661 { 662 663 do { 664 s = sh_string_add (s, str); 665 count += status; 666 remain -= status; 667 668 if (remain <= 0) 669 { 670 return s; 671 } 672 673 status = (int) sh_string_read_cont(str, logfile->fp, count, cont); 674 675 if (status == 0) 676 { 677 return s; 678 } 679 } 680 while (status > 0); 681 } 682 683 if (status <= 0) 684 { 685 fgetpos(logfile->fp, &(logfile->offset)); 686 fclose(logfile->fp); 687 logfile->fp = NULL; 688 sh_string_destroy(&s); 689 if (status == 0) 690 { 691 return NULL; 692 } 693 694 SH_MUTEX_LOCK(mutex_thread_nolog); 695 tmp = sh_util_safe_name (logfile->filename); 696 sh_error_handle((-1), FIL__, __LINE__, 0, MSG_LOGMON_EREAD, 697 tmp); 698 SH_FREE(tmp); 699 SH_MUTEX_UNLOCK(mutex_thread_nolog); 700 701 return NULL; 702 } 703 619 704 return s; 620 705 } -
trunk/src/sh_log_evalrule.c
r183 r185 170 170 ng->rule_extra = group_extra; 171 171 ng->ovector = NULL; 172 ng->ovecnum = 0; 172 173 ng->captures = 0; 173 174 ng->counterlist = NULL; 174 175 ng->queue = NULL; 175 176 ng->nextrule = NULL; 176 177 /* 178 * Insert at end, to keep user-defined order 179 */ 180 ng->next = NULL; 181 if (grouplist) 182 { 183 tmp = grouplist; 184 while (tmp->next != NULL) { tmp = tmp->next; } 185 tmp->next = ng; 186 } else { 187 grouplist = ng; 188 } 177 ng->next = NULL; 189 178 190 179 if (!host_open) … … 202 191 203 192 /* 204 * I f there is an open host group, add it to its205 * rulegroups206 */ 193 * Insert at end, to keep user-defined order 194 */ 195 207 196 if (host_open) 208 197 { 198 if (grouplist) 199 { 200 tmp = grouplist; 201 while (tmp->next != NULL) { tmp = tmp->next; } 202 tmp->next = ng; 203 } else { 204 grouplist = ng; 205 } 206 207 208 /* 209 * If there is an open host group, add it to its 210 * rulegroups 211 */ 212 209 213 if (host_open->rulegroups) 210 214 { … … 214 218 } else { 215 219 host_open->rulegroups = ng; 216 220 } 217 221 } 218 222 … … 427 431 nr->captures = captures; 428 432 nr->ovector = SH_ALLOC(sizeof(int) * (captures+1) * 3); 433 nr->ovecnum = 0; 429 434 nr->counterlist = NULL; 430 435 nr->queue = queue; … … 441 446 { 442 447 tmp = group_open->nextrule; 443 while (tmp->next != NULL) { tmp = tmp->next; }444 tmp->next = nr;448 while (tmp->nextrule != NULL) { tmp = tmp->nextrule; } /* next -> nextrule */ 449 tmp->nextrule = nr; /* next -> nextrule */ 445 450 } else { 446 451 group_open->nextrule = nr; … … 454 459 else 455 460 { 456 /*457 * Add rule as member to grouplist, to facilitate cleanup458 */459 if (grouplist)460 {461 tmp = grouplist;462 while (tmp->next != NULL) { tmp = tmp->next; }463 tmp->next = nr;464 } else {465 grouplist = nr;466 }467 468 461 if (!host_open) 469 462 { 470 463 if (0 != sh_eval_hadd("^.*")) 471 464 { 465 SH_FREE(nr->ovector); 472 466 SH_FREE(nr); 473 467 return -1; … … 475 469 } 476 470 477 /*478 * Add rule to host rulegroups479 */480 471 if (host_open) 481 472 { 473 /* 474 * Add rule as member to grouplist, to facilitate cleanup 475 */ 476 #if 0 477 if (grouplist) 478 { 479 tmp = grouplist; 480 while (tmp->next != NULL) { tmp = tmp->next; } 481 tmp->next = nr; 482 } else { 483 grouplist = nr; 484 } 485 #endif 486 487 /* 488 * Add rule to host rulegroups 489 */ 482 490 if (host_open->rulegroups) 483 491 { … … 488 496 while (tmp->nextrule != NULL) { tmp = tmp->nextrule; } 489 497 tmp->nextrule = nr; 490 } else { 498 } 499 else 500 { 491 501 /* First rule goes to host_open->rulegroups */ 492 502 host_open->rulegroups = nr; … … 495 505 else 496 506 { 507 SH_FREE(nr->ovector); 497 508 SH_FREE(nr); 498 509 return -1; … … 505 516 void sh_eval_cleanup() 506 517 { 507 struct sh_geval * nr;508 518 struct sh_geval * tmp; 509 519 … … 512 522 struct sh_heval * htmp; 513 523 514 gtmp = grouplist; 515 while (gtmp) 516 { 524 while (grouplist) 525 { 526 gtmp = grouplist; 527 grouplist = gtmp->next; 528 517 529 if (gtmp->label) sh_string_destroy(&(gtmp->label)); 518 530 if (gtmp->rule_extra) (*pcre_free)(gtmp->rule_extra); … … 522 534 if (gtmp->ovector) 523 535 SH_FREE(gtmp->ovector); 524 if (gtmp->nextrule) 525 { 526 tmp = gtmp->nextrule; 527 do { 528 nr = tmp->nextrule; 529 if (tmp->rule_extra) (*pcre_free)(tmp->rule_extra); 530 if (tmp->rule) (*pcre_free)(tmp->rule); 531 if (tmp->counterlist) 532 zAVLFreeTree(tmp->counterlist, sh_ceval_free); 533 if (tmp->ovector) 534 SH_FREE(tmp->ovector); 535 SH_FREE(tmp); 536 tmp = nr; 537 } while (tmp); 538 } 539 grouplist = gtmp->next; 536 537 while (gtmp->nextrule) 538 { 539 tmp = gtmp->nextrule; 540 gtmp->nextrule = tmp->nextrule; 541 542 if (tmp->rule_extra) (*pcre_free)(tmp->rule_extra); 543 if (tmp->rule) (*pcre_free)(tmp->rule); 544 if (tmp->counterlist) 545 zAVLFreeTree(tmp->counterlist, sh_ceval_free); 546 if (tmp->ovector) 547 SH_FREE(tmp->ovector); 548 SH_FREE(tmp); 549 } 550 540 551 SH_FREE(gtmp); 541 gtmp = grouplist;542 552 } 543 553 … … 678 688 SH_MUTEX_LOCK(mutex_thread_nolog); 679 689 tmp = sh_util_safe_name (record->filename); 680 msg = sh_util_safe_name (sh_string_str(record->message));681 ttt = sh_util_safe_name (sh_string_str(record->timestr));690 msg = sh_util_safe_name_keepspace (sh_string_str(record->message)); 691 ttt = sh_util_safe_name_keepspace (sh_string_str(record->timestr)); 682 692 sh_error_handle (severity, FIL__, __LINE__, 0, MSG_LOGMON_REP, 683 693 msg, … … 697 707 SH_MUTEX_LOCK(mutex_thread_nolog); 698 708 tmp = sh_util_safe_name (sh_string_str(path)); 699 msg = sh_util_safe_name (sh_string_str(message));709 msg = sh_util_safe_name_keepspace (sh_string_str(message)); 700 710 sh_error_handle (severity, FIL__, __LINE__, 0, MSG_LOGMON_SUM, 701 711 msg, -
trunk/src/sh_log_parse_apache.c
r183 r185 47 47 int pos_status; 48 48 int pos_time; 49 int format_time; 49 50 }; 50 51 52 static const char lf_error0[] = N_("%error"); 51 53 static const char lf_common0[] = N_("%h %l %u %t \"%r\" %>s %b"); 52 54 static const char lf_combined0[] = N_("%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""); … … 73 75 volatile int p_status = -1; 74 76 volatile int p_time = -1; 77 volatile int f_time = -1; 75 78 const char * error; 76 79 int erroffset; … … 89 92 new = sh_util_strdup(_(lf_combined0)); 90 93 } 94 else if (0 == strncmp("error", str, 8)) 95 { 96 new = sh_util_strdup(_(lf_error0)); 97 } 91 98 else 92 99 { … … 156 163 sh_string_add_from_char(re_string, p); 157 164 p_time = i+1; 165 f_time = 1; 166 } 167 else if (token[0] == '%' && token[1] == 'e' && 0 == strcmp(token, _("%error"))) 168 { 169 p = _("\\[([^\\]]+)\\]"); 170 sh_string_add_from_char(re_string, p); 171 p_time = i+1; f_time = 2; ++i; 172 173 sh_string_add_from_char(re_string, " "); 174 p = _("\\[([^\\]]+)\\]"); 175 sh_string_add_from_char(re_string, p); 176 p_status = i+1; 177 178 sh_string_add_from_char(re_string, " "); 179 p = _("(.*)"); 180 sh_string_add_from_char(re_string, p); 181 182 break; 158 183 } 159 184 else … … 208 233 result->pos_status = p_status; 209 234 result->pos_time = p_time; 235 result->format_time = f_time; 210 236 211 237 SH_FREE(splits); … … 262 288 res = 0; 263 289 timestamp = 0; 290 info->format_time = 1; 264 291 sl_strlcpy(tstr, _("01/Jan/1970:00:00:00"), sizeof(tstr)); 265 292 } … … 268 295 { 269 296 struct tm btime; 270 char * ptr , * q;297 char * ptr = NULL, * q; 271 298 272 299 /* example: 01/Jun/2008:07:55:28 +0200 */ 273 300 274 q = strchr(tstr, ' '); 275 if (q) *q = '\0'; 276 277 ptr = /*@i@*/strptime(tstr, "%d/%b/%Y:%T", &btime); 301 if (info->format_time == 1) 302 { 303 q = strchr(tstr, ' '); 304 if (q) *q = '\0'; 305 306 ptr = /*@i@*/strptime(tstr, "%d/%b/%Y:%T", &btime); 307 } 308 else if (info->format_time == 2) 309 { 310 ptr = /*@i@*/strptime(tstr, "%a %b %d %T %Y", &btime); 311 } 312 278 313 if (ptr && *ptr == '\0') 279 314 { … … 294 329 else 295 330 { 296 sl_strlcpy(sstr, _("000"), sizeof(sstr)); /* FIXME API */331 sl_strlcpy(sstr, _("000"), sizeof(sstr)); 297 332 } 298 333 -
trunk/src/sh_log_parse_pacct.c
r183 r185 277 277 } 278 278 279 if (record) 280 sh_string_destroy(&record); 279 281 return NULL; 280 282 } -
trunk/src/sh_string.c
r183 r185 204 204 #define SH_STRING_PARCEL 120 205 205 206 static 207 size_t sh_string_read_int(sh_string * s, FILE * fp, size_t maxlen, char *start); 208 206 209 size_t sh_string_read(sh_string * s, FILE * fp, size_t maxlen) 207 210 { 211 return sh_string_read_int(s, fp, maxlen, NULL); 212 } 213 214 size_t sh_string_read_cont(sh_string * s, FILE * fp, size_t maxlen, char *cont) 215 { 216 return sh_string_read_int(s, fp, maxlen, cont); 217 } 218 219 size_t sh_string_read_int(sh_string * s, FILE * fp, size_t maxlen, char *start) 220 { 221 222 /* case 0) start != NULL and first char not in 'start' 223 */ 224 if (start) 225 { 226 int first = fgetc(fp); 227 228 if (first == EOF) 229 { 230 sh_string_truncate(s, 0); 231 if (ferror(fp)) 232 return -1; 233 return 0; 234 } 235 236 if (NULL == strchr(start, first)) 237 { 238 ungetc(first, fp); 239 return 0; 240 } 241 ungetc(first, fp); 242 } 208 243 209 244 /* case 1) EOF or error -
trunk/src/sh_unix.c
r183 r185 3500 3500 */ 3501 3501 3502 else /* fstat_return != 0 or !S_ISREG(fbuf->st_mode) */ 3503 { 3504 fstat_return = errno; 3502 else /* fstat_return != 0 or !S_ISREG(fbuf.st_mode) */ 3503 { 3504 uid_t euid; 3505 int fstat_errval = errno; 3505 3506 if (fileHash != NULL) 3506 3507 sl_strlcpy(fileHash, SH_KEY_NULL, KEY_LEN+1); … … 3509 3510 { 3510 3511 tmp2 = sh_util_safe_name (theFile->fullpath); 3511 sh_error_handle (level, FIL__, __LINE__, fstat_return, MSG_E_READ, 3512 tmp2); 3512 3513 if (fstat_return != 0) 3514 { 3515 (void) sl_get_euid(&euid); 3516 sh_error_handle (level, FIL__, __LINE__, fstat_errval, 3517 MSG_E_ACCESS, (long) euid, tmp2); 3518 } 3519 else if (!S_ISREG(fbuf.st_mode)) 3520 { 3521 sh_error_handle (level, FIL__, __LINE__, fstat_errval, 3522 MSG_E_NOTREG, tmp2); 3523 } 3524 else 3525 { 3526 sh_error_handle (level, FIL__, __LINE__, fstat_errval, 3527 MSG_E_READ, tmp2); 3528 } 3513 3529 SH_FREE(tmp2); 3514 3530 } -
trunk/src/sh_utils.c
r170 r185 1881 1881 } 1882 1882 1883 1883 #define SH_ESCAPE_SPACE 1 1884 #define SH_DONT_ESCAPE_SPACE 0 1885 char * sh_util_safe_name_int (const char * name, int escape_space); 1886 1887 char * sh_util_safe_name (const char * name) 1888 { 1889 return sh_util_safe_name_int (name, SH_ESCAPE_SPACE); 1890 } 1891 1892 char * sh_util_safe_name_keepspace (const char * name) 1893 { 1894 return sh_util_safe_name_int (name, SH_DONT_ESCAPE_SPACE); 1895 } 1896 1884 1897 /* returns freshly allocated memory, return value should be free'd 1885 1898 */ 1886 char * sh_util_safe_name (const char * name)1899 char * sh_util_safe_name_int (const char * name, int escape_space) 1887 1900 { 1888 1901 register int i = 0; … … 1971 1984 #endif 1972 1985 } else if ( (*p) == ' ') { /* space */ 1973 retval[i] = '\\'; ++i; 1974 retval[i] = ' '; 1986 if (escape_space) { 1987 retval[i] = '\\'; ++i; 1988 retval[i] = ' '; 1989 } 1990 else { 1991 retval[i] = *p; 1992 } 1975 1993 #ifdef SH_USE_XML 1976 1994 } else if ( (*p) == '"') { /* double quote */
Note:
See TracChangeset
for help on using the changeset viewer.