ib_status_t ib_core_collection_managers_register( ib_engine_t *ib, const ib_module_t *module) { assert(ib != NULL); assert(module != NULL); const char *pattern = "^([^\\s=]+)=(.*)$"; const int compile_flags = PCRE_DOTALL | PCRE_DOLLAR_ENDONLY; pcre *compiled; const char *error; int eoff; ib_status_t rc; const ib_collection_manager_t *manager; /* Register the name/value pair InitCollection manager */ rc = ib_collection_manager_register( ib, module, "core name/value pair", "vars:", core_managed_collection_vars_register_fn, NULL, NULL, NULL, core_managed_collection_vars_populate_fn, NULL, NULL, NULL, &manager); if (rc != IB_OK) { ib_log_alert(ib, "Failed to register core name/value pair handler: %s", ib_status_to_string(rc)); return rc; } /* Compile the name/value pair pattern */ compiled = pcre_compile(pattern, compile_flags, &error, &eoff, NULL); if (compiled == NULL) { ib_log_error(ib, "Failed to compile pattern \"%s\": %s", pattern, error ? error : "(null)"); return IB_EUNKNOWN; } core_vars_manager.pattern = compiled; core_vars_manager.manager = manager; #if ENABLE_JSON /* Register the JSON file InitCollection manager */ rc = ib_collection_manager_register( ib, module, "core JSON file", "json-file://", core_managed_collection_jsonfile_register_fn, NULL, NULL, NULL, core_managed_collection_jsonfile_populate_fn, NULL, core_managed_collection_jsonfile_persist_fn, NULL, &manager); if (rc != IB_OK) { ib_log_alert(ib, "Failed to register core JSON file handler: %s", ib_status_to_string(rc)); return rc; } #endif return IB_OK; }
/** * Store a field in the agent list * * Creates a new field and adds it to the agent list field list. * * @param[in] ib IronBee object * @param[in,out] mp Memory pool to allocate from * @param[in] agent_list Field to add the field to * @param[in] name Field name * @param[in] value Field value * * @returns Status code */ static ib_status_t modua_store_field(ib_engine_t *ib, ib_mpool_t *mp, ib_field_t *agent_list, const char *name, const char *value) { IB_FTRACE_INIT(); ib_field_t *tmp_field = NULL; ib_status_t rc = IB_OK; /* No value? Do nothing */ if (value == NULL) { ib_log_debug3(ib, "No %s field in user agent", name); IB_FTRACE_RET_STATUS(IB_OK); } /* Create the field */ rc = ib_field_create( &tmp_field, mp, IB_FIELD_NAME(name), IB_FTYPE_NULSTR, ib_ftype_nulstr_in(value) ); if (rc != IB_OK) { ib_log_alert(ib, "Error creating user agent %s field: %s", name, ib_status_to_string(rc)); IB_FTRACE_RET_STATUS(rc); } /* Add the field to the list */ rc = ib_field_list_add(agent_list, tmp_field); if (rc != IB_OK) { ib_log_alert(ib, "Error adding user agent %s field: %s", name, ib_status_to_string(rc)); IB_FTRACE_RET_STATUS(rc); } ib_log_debug3(ib, "Stored user agent %s '%s'", name, value); IB_FTRACE_RET_STATUS(IB_OK); }
///! Close the auditlog and write to the index file. ib_status_t core_audit_close(ib_engine_t *ib, ib_auditlog_t *log) { ib_core_audit_cfg_t *cfg = (ib_core_audit_cfg_t *)log->cfg_data; ib_core_cfg_t *corecfg; ib_status_t ib_rc = IB_OK; int sys_rc; char *line = NULL; size_t len = 0; line = malloc(LOGFORMAT_MAX_LINE_LENGTH + 2); if (line == NULL) { return IB_EALLOC; } /* Retrieve corecfg to get the AuditLogIndexFormat */ ib_rc = ib_core_context_config(log->ctx, &corecfg); if (ib_rc != IB_OK) { ib_log_alert(log->ib, "Error accessing core module: %s", ib_status_to_string(ib_rc)); goto cleanup; } /* Notify all handlers that the given audit log is about to close. */ ib_rc = ib_core_dispatch_auditlog( log->tx, IB_CORE_AUDITLOG_CLOSED, log); if (ib_rc != IB_OK) { ib_log_error(log->ib, "Failed to dispatch auditlog to handlers."); goto cleanup; } /* Close the audit log. */ if (cfg->fp != NULL) { fclose(cfg->fp); // Rename temp to real sys_rc = rename(cfg->temp_path, cfg->full_path); if (sys_rc != 0) { sys_rc = errno; ib_log_error(log->ib, "Error renaming auditlog %s: %s (%d)", cfg->temp_path, strerror(sys_rc), sys_rc); ib_rc = IB_EOTHER; goto cleanup; } cfg->fp = NULL; } /* Write to the index file if using one. */ if ((cfg->index_fp != NULL) && (cfg->parts_written > 0)) { size_t written; ib_rc = ib_lock_lock(log->ctx->auditlog->index_fp_lock); if (ib_rc != IB_OK) { goto cleanup; } ib_rc = core_audit_get_index_line(ib, log, line, LOGFORMAT_MAX_LINE_LENGTH, &len); line[len + 0] = '\n'; line[len + 1] = '\0'; if ( (ib_rc != IB_ETRUNC) && (ib_rc != IB_OK) ) { ib_lock_unlock(log->ctx->auditlog->index_fp_lock); goto cleanup; } written = fwrite(line, len, 1, cfg->index_fp); if (written == 0) { sys_rc = errno; ib_log_error(log->ib, "Error writing to audit log index: %s (%d)", strerror(sys_rc), sys_rc); /// @todo Should retry (a piped logger may have died) fclose(cfg->index_fp); cfg->index_fp = NULL; log->ctx->auditlog->index_fp = cfg->index_fp; ib_lock_unlock(log->ctx->auditlog->index_fp_lock); goto cleanup; } fflush(cfg->index_fp); ib_lock_unlock(log->ctx->auditlog->index_fp_lock); } cleanup: if (line != NULL) { free(line); } return ib_rc; }
ib_status_t core_audit_close(ib_provider_inst_t *lpi, ib_auditlog_t *log) { IB_FTRACE_INIT(); core_audit_cfg_t *cfg = (core_audit_cfg_t *)log->cfg_data; ib_core_cfg_t *corecfg; ib_status_t ib_rc; int sys_rc; char line[IB_LOGFORMAT_MAXLINELEN + 2]; int line_size = 0; /* Retrieve corecfg to get the AuditLogIndexFormat */ ib_rc = ib_context_module_config(log->ctx, ib_core_module(), &corecfg); if (ib_rc != IB_OK) { ib_log_alert(log->ib, "Failure accessing core module: %s", ib_status_to_string(ib_rc)); IB_FTRACE_RET_STATUS(ib_rc); } /* Close the audit log. */ if (cfg->fp != NULL) { fclose(cfg->fp); //rename temp to real sys_rc = rename(cfg->temp_path, cfg->full_path); if (sys_rc != 0) { sys_rc = errno; ib_log_error(log->ib, "Error renaming auditlog %s: %s (%d)", cfg->temp_path, strerror(sys_rc), sys_rc); IB_FTRACE_RET_STATUS(IB_EOTHER); } ib_log_info(log->ib, "AUDITLOG: %s", cfg->full_path); cfg->fp = NULL; } /* Write to the index file if using one. */ if ((cfg->index_fp != NULL) && (cfg->parts_written > 0)) { ib_lock_lock(&log->ctx->auditlog->index_fp_lock); ib_rc = core_audit_get_index_line(lpi, log, line, &line_size); if (ib_rc != IB_OK) { ib_lock_unlock(&log->ctx->auditlog->index_fp_lock); IB_FTRACE_RET_STATUS(ib_rc); } sys_rc = fwrite(line, line_size, 1, cfg->index_fp); if (sys_rc < 0) { sys_rc = errno; ib_log_error(log->ib, "Could not write to audit log index: %s (%d)", strerror(sys_rc), sys_rc); /// @todo Should retry (a piped logger may have died) fclose(cfg->index_fp); cfg->index_fp = NULL; log->ctx->auditlog->index_fp = cfg->index_fp; ib_lock_unlock(&log->ctx->auditlog->index_fp_lock); IB_FTRACE_RET_STATUS(IB_OK); } fflush(cfg->index_fp); ib_lock_unlock(&log->ctx->auditlog->index_fp_lock); } IB_FTRACE_RET_STATUS(IB_OK); }