int main()
{
snprintf(CFWORKDIR, CF_BUFSIZE, "/tmp/lastseen_migration_test.XXXXXX");
mkdtemp(CFWORKDIR);
for (int i = 0; i < 1000000; ++i)
{
if ((i % 10000) == 0)
{
printf(".");
fflush(stdout);
}
char hostkey[50];
snprintf(hostkey, 50, "SHA-%040d", i);
char ip[50];
snprintf(ip, 50, "250.%03d.%03d.%03d", i / (256*256), (i / 256) % 256, i % 256);
UpdateLastSawHost(hostkey, ip, false, i);
UpdateLastSawHost(hostkey, ip, true, 2000000 - i);
}
char cmd[CF_BUFSIZE];
snprintf(cmd, CF_BUFSIZE, "rm -rf '%s'", CFWORKDIR);
system(cmd);
return 0;
}
void LastSaw(char *username, char *ipaddress, unsigned char digest[EVP_MAX_MD_SIZE + 1], enum roles role)
{
char databuf[CF_BUFSIZE];
char *mapip;
if (strlen(ipaddress) == 0)
{
CfOut(cf_inform, "", "LastSeen registry for empty IP with role %d", role);
return;
}
ThreadLock(cft_output);
switch (role)
{
case cf_accept:
snprintf(databuf, CF_BUFSIZE - 1, "-%s", HashPrint(CF_DEFAULT_DIGEST, digest));
break;
case cf_connect:
snprintf(databuf, CF_BUFSIZE - 1, "+%s", HashPrint(CF_DEFAULT_DIGEST, digest));
break;
}
ThreadUnlock(cft_output);
mapip = MapAddress(ipaddress);
UpdateLastSawHost(databuf, mapip);
}
static void test_newentry(void **context)
{
setup();
UpdateLastSawHost("SHA-12345", "127.0.0.64", true, 666);
DBHandle *db;
OpenDB(&db, dbid_lastseen);
KeyHostSeen q;
assert_int_equal(ReadDB(db, "qiSHA-12345", &q, sizeof(q)), true);
assert_int_equal(q.lastseen, 666);
assert_double_close(q.Q.q, 0.0);
assert_double_close(q.Q.dq, 0.0);
assert_double_close(q.Q.expect, 0.0);
assert_double_close(q.Q.var, 0.0);
assert_int_equal(ReadDB(db, "qoSHA-12345", &q, sizeof(q)), false);
char address[CF_BUFSIZE];
assert_int_equal(ReadDB(db, "kSHA-12345", address, sizeof(address)), true);
assert_string_equal(address, "127.0.0.64");
char hostkey[CF_BUFSIZE];
assert_int_equal(ReadDB(db, "a127.0.0.64", hostkey, sizeof(hostkey)), true);
assert_string_equal(hostkey, "SHA-12345");
CloseDB(db);
}
static void test_remove(void **context)
{
setup();
UpdateLastSawHost("SHA-12345", "127.0.0.64", true, 555);
UpdateLastSawHost("SHA-12345", "127.0.0.64", false, 556);
RemoveHostFromLastSeen("SHA-12345");
DBHandle *db;
OpenDB(&db, dbid_lastseen);
assert_int_equal(HasKeyDB(db, "qiSHA-12345", strlen("qiSHA-12345") + 1), false);
assert_int_equal(HasKeyDB(db, "qoSHA-12345", strlen("qoSHA-12345") + 1), false);
assert_int_equal(HasKeyDB(db, "kSHA-12345", strlen("kSHA-12345") + 1), false);
assert_int_equal(HasKeyDB(db, "a127.0.0.64", strlen("a127.0.0.64") + 1), false);
CloseDB(db);
}
static void test_update(void **context)
{
setup();
UpdateLastSawHost("SHA-12345", "127.0.0.64", true, 555);
UpdateLastSawHost("SHA-12345", "127.0.0.64", true, 1110);
DBHandle *db;
OpenDB(&db, dbid_lastseen);
KeyHostSeen q;
assert_int_equal(ReadDB(db, "qiSHA-12345", &q, sizeof(q)), true);
assert_int_equal(q.lastseen, 1110);
assert_double_close(q.Q.q, 555.0);
assert_double_close(q.Q.dq, 555.0);
assert_double_close(q.Q.expect, 222.0);
assert_double_close(q.Q.var, 123210.0);
CloseDB(db);
}
void LastSaw(const char *ipaddress, unsigned char digest[EVP_MAX_MD_SIZE + 1], LastSeenRole role)
{
char databuf[EVP_MAX_MD_SIZE * 4];
if (strlen(ipaddress) == 0)
{
Log(LOG_LEVEL_INFO, "LastSeen registry for empty IP with role %d", role);
return;
}
HashPrintSafe(CF_DEFAULT_DIGEST, digest, databuf);
const char *mapip = MapAddress(ipaddress);
UpdateLastSawHost(databuf, mapip, role == LAST_SEEN_ROLE_ACCEPT, time(NULL));
}
void LastSaw(const char *ipaddress, const char *digest, LastSeenRole role)
{
char databuf[CF_HOSTKEY_STRING_SIZE];
if (strlen(ipaddress) == 0)
{
Log(LOG_LEVEL_INFO, "LastSeen registry for empty IP with role %d", role);
return;
}
HashPrintSafe(databuf, sizeof(databuf), digest, CF_DEFAULT_DIGEST, true);
const char *mapip = MapAddress(ipaddress);
UpdateLastSawHost(databuf, mapip, role == LAST_SEEN_ROLE_ACCEPT, time(NULL));
}
static void test_reverse_conflict(void **context)
{
setup();
UpdateLastSawHost("SHA-12345", "127.0.0.64", true, 555);
DBHandle *db;
OpenDB(&db, dbid_lastseen);
assert_int_equal(WriteDB(db, "a127.0.0.64", "SHA-98765", strlen("SHA-98765") + 1), true);
/* Check that resolution return false */
char result[CF_BUFSIZE];
assert_int_equal(Address2Hostkey("127.0.0.64", result), false);
/* Check that entry is removed */
assert_int_equal(HasKeyDB(db, "a127.0.0.64", strlen("a127.0.0.64") + 1), false);
CloseDB(db);
}
void LastSaw(char *ipaddress, unsigned char digest[EVP_MAX_MD_SIZE + 1], enum roles role)
{
char databuf[CF_BUFSIZE];
char *mapip;
if (strlen(ipaddress) == 0)
{
CfOut(cf_inform, "", "LastSeen registry for empty IP with role %d", role);
return;
}
ThreadLock(cft_output);
strlcpy(databuf, HashPrint(CF_DEFAULT_DIGEST, digest), CF_BUFSIZE);
ThreadUnlock(cft_output);
mapip = MapAddress(ipaddress);
UpdateLastSawHost(databuf, mapip, role == cf_accept, time(NULL));
}
/**
* @brief Same as LastSaw() but the digest parameter is the hash as a
* "SHA=..." string, to avoid converting twice.
*/
void LastSaw1(const char *ipaddress, const char *hashstr,
LastSeenRole role)
{
const char *mapip = MapAddress(ipaddress);
UpdateLastSawHost(hashstr, mapip, role == LAST_SEEN_ROLE_ACCEPT, time(NULL));
}