int
tag_unmarshal_record(struct evbuffer *evbuf, uint32_t need_tag, struct record *record)
{
uint32_t tag;
struct evbuffer *tmp = evbuffer_new();
if (evtag_unmarshal(evbuf, &tag, tmp) == -1 || tag != need_tag)
goto error;
if (record_unmarshal(record, tmp) == -1)
goto error;
evbuffer_free(tmp);
return (0);
error:
evbuffer_free(tmp);
return (-1);
}
int
evtag_unmarshal_kill(struct evbuffer *evbuf, ev_uint32_t need_tag, struct kill *msg)
{
ev_uint32_t tag;
int res = -1;
struct evbuffer *tmp = evbuffer_new();
if (evtag_unmarshal(evbuf, &tag, tmp) == -1 || tag != need_tag)
goto error;
if (kill_unmarshal(msg, tmp) == -1)
goto error;
res = 0;
error:
evbuffer_free(tmp);
return (res);
}
/*
* Functions to un/marshal records.
*/
static int
record_unmarshal(struct record *record, struct evbuffer *evbuf)
{
struct evbuffer *tmp = evbuffer_new();
uint32_t integer;
uint32_t tag;
memset(record, 0, sizeof(struct record));
TAILQ_INIT(&record->hashes);
/* The timevals are optional, so we need to check their presence */
if (evtag_peek(evbuf, &tag) != -1 && tag == REC_TV_START) {
if (evtag_unmarshal_timeval(evbuf, REC_TV_START, &record->tv_start) == -1)
goto error;
}
if (evtag_peek(evbuf, &tag) != -1 && tag == REC_TV_END) {
if (evtag_unmarshal_timeval(evbuf, REC_TV_END, &record->tv_end) == -1)
goto error;
}
evbuffer_drain(tmp, evbuffer_get_length(tmp));
if (evtag_unmarshal(evbuf, &tag, tmp) == -1 || tag != REC_SRC)
goto error;
if (addr_unmarshal(&record->src, tmp) == -1)
goto error;
evbuffer_drain(tmp, evbuffer_get_length(tmp));
if (evtag_unmarshal(evbuf, &tag, tmp) == -1 || tag != REC_DST)
goto error;
if (addr_unmarshal(&record->dst, tmp) == -1)
goto error;
if (evtag_unmarshal_int(evbuf, REC_SRC_PORT, &integer) == -1)
goto error;
record->src_port = integer;
if (evtag_unmarshal_int(evbuf, REC_DST_PORT, &integer) == -1)
goto error;
record->dst_port = integer;
if (evtag_unmarshal_int(evbuf, REC_PROTO, &integer) == -1)
goto error;
record->proto = integer;
if (evtag_unmarshal_int(evbuf, REC_STATE, &integer) == -1)
goto error;
record->state = integer;
while (evtag_peek(evbuf, &tag) != -1) {
switch(tag) {
case REC_OS_FP:
if (evtag_unmarshal_string(evbuf, tag, &record->os_fp) == -1)
goto error;
break;
case REC_HASH:
{
struct hash *tmp;
if ((tmp = calloc(1, sizeof(struct hash))) == NULL)
err(1, "%s: calloc", __func__);
if (evtag_unmarshal_fixed(evbuf, REC_HASH, tmp->digest, sizeof(tmp->digest)) == -1) {
free(tmp);
goto error;
}
TAILQ_INSERT_TAIL(&record->hashes, tmp, next);
}
break;
case REC_BYTES:
if (evtag_unmarshal_int(evbuf, tag,&record->bytes) == -1)
goto error;
break;
case REC_FLAGS:
if (evtag_unmarshal_int(evbuf, tag,&record->flags) == -1)
goto error;
break;
default:
syslog(LOG_DEBUG, "Ignoring unknown record tag %d", tag);
evtag_consume(evbuf);
break;
}
}
evbuffer_free(tmp);
return (0);
error:
evbuffer_free(tmp);
return (-1);
}
