ib_status_t ib_core_collection_managers_register(
ib_engine_t *ib,
const ib_module_t *module)
{
assert(ib != NULL);
assert(module != NULL);
const char *pattern = "^([^\\s=]+)=(.*)$";
const int compile_flags = PCRE_DOTALL | PCRE_DOLLAR_ENDONLY;
pcre *compiled;
const char *error;
int eoff;
ib_status_t rc;
const ib_collection_manager_t *manager;
/* Register the name/value pair InitCollection manager */
rc = ib_collection_manager_register(
ib, module, "core name/value pair", "vars:",
core_managed_collection_vars_register_fn, NULL,
NULL, NULL,
core_managed_collection_vars_populate_fn, NULL,
NULL, NULL,
&manager);
if (rc != IB_OK) {
ib_log_alert(ib, "Failed to register core name/value pair handler: %s",
ib_status_to_string(rc));
return rc;
}
/* Compile the name/value pair pattern */
compiled = pcre_compile(pattern, compile_flags, &error, &eoff, NULL);
if (compiled == NULL) {
ib_log_error(ib, "Failed to compile pattern \"%s\": %s", pattern,
error ? error : "(null)");
return IB_EUNKNOWN;
}
core_vars_manager.pattern = compiled;
core_vars_manager.manager = manager;
#if ENABLE_JSON
/* Register the JSON file InitCollection manager */
rc = ib_collection_manager_register(
ib, module, "core JSON file", "json-file://",
core_managed_collection_jsonfile_register_fn, NULL,
NULL, NULL,
core_managed_collection_jsonfile_populate_fn, NULL,
core_managed_collection_jsonfile_persist_fn, NULL,
&manager);
if (rc != IB_OK) {
ib_log_alert(ib, "Failed to register core JSON file handler: %s",
ib_status_to_string(rc));
return rc;
}
#endif
return IB_OK;
}
/**
* Store a field in the agent list
*
* Creates a new field and adds it to the agent list field list.
*
* @param[in] ib IronBee object
* @param[in,out] mp Memory pool to allocate from
* @param[in] agent_list Field to add the field to
* @param[in] name Field name
* @param[in] value Field value
*
* @returns Status code
*/
static ib_status_t modua_store_field(ib_engine_t *ib,
ib_mpool_t *mp,
ib_field_t *agent_list,
const char *name,
const char *value)
{
IB_FTRACE_INIT();
ib_field_t *tmp_field = NULL;
ib_status_t rc = IB_OK;
/* No value? Do nothing */
if (value == NULL) {
ib_log_debug3(ib, "No %s field in user agent", name);
IB_FTRACE_RET_STATUS(IB_OK);
}
/* Create the field */
rc = ib_field_create(
&tmp_field,
mp,
IB_FIELD_NAME(name),
IB_FTYPE_NULSTR,
ib_ftype_nulstr_in(value)
);
if (rc != IB_OK) {
ib_log_alert(ib,
"Error creating user agent %s field: %s", name, ib_status_to_string(rc));
IB_FTRACE_RET_STATUS(rc);
}
/* Add the field to the list */
rc = ib_field_list_add(agent_list, tmp_field);
if (rc != IB_OK) {
ib_log_alert(ib,
"Error adding user agent %s field: %s", name, ib_status_to_string(rc));
IB_FTRACE_RET_STATUS(rc);
}
ib_log_debug3(ib, "Stored user agent %s '%s'", name, value);
IB_FTRACE_RET_STATUS(IB_OK);
}
///! Close the auditlog and write to the index file.
ib_status_t core_audit_close(ib_engine_t *ib, ib_auditlog_t *log)
{
ib_core_audit_cfg_t *cfg = (ib_core_audit_cfg_t *)log->cfg_data;
ib_core_cfg_t *corecfg;
ib_status_t ib_rc = IB_OK;
int sys_rc;
char *line = NULL;
size_t len = 0;
line = malloc(LOGFORMAT_MAX_LINE_LENGTH + 2);
if (line == NULL) {
return IB_EALLOC;
}
/* Retrieve corecfg to get the AuditLogIndexFormat */
ib_rc = ib_core_context_config(log->ctx, &corecfg);
if (ib_rc != IB_OK) {
ib_log_alert(log->ib,
"Error accessing core module: %s",
ib_status_to_string(ib_rc));
goto cleanup;
}
/* Notify all handlers that the given audit log is about to close. */
ib_rc = ib_core_dispatch_auditlog(
log->tx,
IB_CORE_AUDITLOG_CLOSED,
log);
if (ib_rc != IB_OK) {
ib_log_error(log->ib, "Failed to dispatch auditlog to handlers.");
goto cleanup;
}
/* Close the audit log. */
if (cfg->fp != NULL) {
fclose(cfg->fp);
// Rename temp to real
sys_rc = rename(cfg->temp_path, cfg->full_path);
if (sys_rc != 0) {
sys_rc = errno;
ib_log_error(log->ib,
"Error renaming auditlog %s: %s (%d)",
cfg->temp_path,
strerror(sys_rc), sys_rc);
ib_rc = IB_EOTHER;
goto cleanup;
}
cfg->fp = NULL;
}
/* Write to the index file if using one. */
if ((cfg->index_fp != NULL) && (cfg->parts_written > 0)) {
size_t written;
ib_rc = ib_lock_lock(log->ctx->auditlog->index_fp_lock);
if (ib_rc != IB_OK) {
goto cleanup;
}
ib_rc = core_audit_get_index_line(ib, log, line,
LOGFORMAT_MAX_LINE_LENGTH,
&len);
line[len + 0] = '\n';
line[len + 1] = '\0';
if ( (ib_rc != IB_ETRUNC) && (ib_rc != IB_OK) ) {
ib_lock_unlock(log->ctx->auditlog->index_fp_lock);
goto cleanup;
}
written = fwrite(line, len, 1, cfg->index_fp);
if (written == 0) {
sys_rc = errno;
ib_log_error(log->ib,
"Error writing to audit log index: %s (%d)",
strerror(sys_rc), sys_rc);
/// @todo Should retry (a piped logger may have died)
fclose(cfg->index_fp);
cfg->index_fp = NULL;
log->ctx->auditlog->index_fp = cfg->index_fp;
ib_lock_unlock(log->ctx->auditlog->index_fp_lock);
goto cleanup;
}
fflush(cfg->index_fp);
ib_lock_unlock(log->ctx->auditlog->index_fp_lock);
}
cleanup:
if (line != NULL) {
free(line);
}
return ib_rc;
}
ib_status_t core_audit_close(ib_provider_inst_t *lpi, ib_auditlog_t *log)
{
IB_FTRACE_INIT();
core_audit_cfg_t *cfg = (core_audit_cfg_t *)log->cfg_data;
ib_core_cfg_t *corecfg;
ib_status_t ib_rc;
int sys_rc;
char line[IB_LOGFORMAT_MAXLINELEN + 2];
int line_size = 0;
/* Retrieve corecfg to get the AuditLogIndexFormat */
ib_rc = ib_context_module_config(log->ctx, ib_core_module(),
&corecfg);
if (ib_rc != IB_OK) {
ib_log_alert(log->ib, "Failure accessing core module: %s", ib_status_to_string(ib_rc));
IB_FTRACE_RET_STATUS(ib_rc);
}
/* Close the audit log. */
if (cfg->fp != NULL) {
fclose(cfg->fp);
//rename temp to real
sys_rc = rename(cfg->temp_path, cfg->full_path);
if (sys_rc != 0) {
sys_rc = errno;
ib_log_error(log->ib,
"Error renaming auditlog %s: %s (%d)",
cfg->temp_path,
strerror(sys_rc), sys_rc);
IB_FTRACE_RET_STATUS(IB_EOTHER);
}
ib_log_info(log->ib, "AUDITLOG: %s", cfg->full_path);
cfg->fp = NULL;
}
/* Write to the index file if using one. */
if ((cfg->index_fp != NULL) && (cfg->parts_written > 0)) {
ib_lock_lock(&log->ctx->auditlog->index_fp_lock);
ib_rc = core_audit_get_index_line(lpi, log, line, &line_size);
if (ib_rc != IB_OK) {
ib_lock_unlock(&log->ctx->auditlog->index_fp_lock);
IB_FTRACE_RET_STATUS(ib_rc);
}
sys_rc = fwrite(line, line_size, 1, cfg->index_fp);
if (sys_rc < 0) {
sys_rc = errno;
ib_log_error(log->ib,
"Could not write to audit log index: %s (%d)",
strerror(sys_rc), sys_rc);
/// @todo Should retry (a piped logger may have died)
fclose(cfg->index_fp);
cfg->index_fp = NULL;
log->ctx->auditlog->index_fp = cfg->index_fp;
ib_lock_unlock(&log->ctx->auditlog->index_fp_lock);
IB_FTRACE_RET_STATUS(IB_OK);
}
fflush(cfg->index_fp);
ib_lock_unlock(&log->ctx->auditlog->index_fp_lock);
}
IB_FTRACE_RET_STATUS(IB_OK);
}
