email-json: add function to export data

author Eric Leblond <eric@regit.org>

Thu, 30 Apr 2015 12:45:52 +0000 (14:45 +0200)

committer Eric Leblond <eric@regit.org>

Fri, 2 Oct 2015 20:57:58 +0000 (22:57 +0200)
author Eric Leblond <eric@regit.org>
Thu, 30 Apr 2015 12:45:52 +0000 (14:45 +0200)
committer Eric Leblond <eric@regit.org>
Fri, 2 Oct 2015 20:57:58 +0000 (22:57 +0200)
diff --git a/src/output-json-email-common.c b/src/output-json-email-common.c

index f5366efb974619f765a041025b9217cb5d8f6dee..f7553460e3483246b7306e33eeff69c299d864ab 100644 (file)
--- a/src/output-json-email-common.c
+++ b/src/output-json-email-common.c
@@ -56,7 +56,7 @@
  #include <jansson.h>
  
  /* JSON format logging */
-TmEcode JsonEmailLogJson(JsonEmailLogThread *aft, json_t *js, const Packet *p, Flow *f, void *state, void *vtx, uint64_t tx_id)
+json_t *JsonEmailLogJsonData(const Flow *f, void *state, void *vtx, uint64_t tx_id)
  {
      SMTPState *smtp_state;
      MimeDecParseState *mime_state;
@@ -64,17 +64,17 @@ TmEcode JsonEmailLogJson(JsonEmailLogThread *aft, json_t *js, const Packet *p, F
  
      json_t *sjs = json_object();
      if (sjs == NULL) {
-        SCReturnInt(TM_ECODE_FAILED);
+        SCReturnPtr(NULL, "json_t");
      }
  
      /* check if we have SMTP state or not */
-    AppProto proto = FlowGetAppProtocol(p->flow);
+    AppProto proto = FlowGetAppProtocol(f);
      switch (proto) {
          case ALPROTO_SMTP:
              smtp_state = (SMTPState *)state;
              if (smtp_state == NULL) {
                  SCLogDebug("no smtp state, so no request logging");
-                SCReturnInt(TM_ECODE_FAILED);
+                SCReturnPtr(NULL, "json_t");
              }
              SMTPTransaction *tx = vtx;
              mime_state = tx->mime_state;
@@ -83,11 +83,11 @@ TmEcode JsonEmailLogJson(JsonEmailLogThread *aft, json_t *js, const Packet *p, F
              break;
          default:
              /* don't know how we got here */
-            SCReturnInt(TM_ECODE_FAILED);
+            SCReturnPtr(NULL, "json_t");
      }
      if ((mime_state != NULL)) {
          if (entity == NULL) {
-            SCReturnInt(TM_ECODE_FAILED);
+            SCReturnPtr(NULL, "json_t");
          }
  
  #ifdef HAVE_NSS
@@ -187,7 +187,7 @@ TmEcode JsonEmailLogJson(JsonEmailLogThread *aft, json_t *js, const Packet *p, F
              entity->header_flags |= HDR_IS_LOGGED;
  
              if (mime_state->stack == NULL || mime_state->stack->top == NULL || mime_state->stack->top->data == NULL)
-                SCReturnInt(TM_ECODE_OK);
+                SCReturnPtr(NULL, "json_t");
  
              entity = (MimeDecEntity *)mime_state->stack->top->data;
              int attch_cnt = 0;
@@ -244,15 +244,42 @@ TmEcode JsonEmailLogJson(JsonEmailLogThread *aft, json_t *js, const Packet *p, F
              } else {
                  json_decref(js_url);
              }
-            json_object_set_new(js, "email", sjs);
-
  //            FLOWLOCK_UNLOCK(p->flow);
-            SCReturnInt(TM_ECODE_OK);
+            SCReturnPtr(sjs, "json_t");
          }
      }
  
+    json_decref(sjs);
  //    FLOWLOCK_UNLOCK(p->flow);
-    SCReturnInt(TM_ECODE_DONE);
+    SCReturnPtr(NULL, "json_t");
+}
+
+/* JSON format logging */
+TmEcode JsonEmailLogJson(JsonEmailLogThread *aft, json_t *js, const Packet *p, Flow *f, void *state, void *vtx, uint64_t tx_id)
+{
+    json_t *sjs = JsonEmailLogJsonData(f, state, vtx, tx_id);
+
+    if (sjs) {
+        json_object_set_new(js, "email", sjs);
+        SCReturnInt(TM_ECODE_OK);
+    } else
+        SCReturnInt(TM_ECODE_FAILED);
  }
  
+json_t *JsonEmailAddMetadata(const Flow *f)
+{
+    SMTPState *smtp_state = (SMTPState *)FlowGetAppState(f);
+    if (smtp_state) {
+        uint64_t tx_id = AppLayerParserGetTransactionLogId(f->alparser);
+        SMTPTransaction *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_SMTP, smtp_state, tx_id);
+
+        if (tx) {
+            return JsonEmailLogJsonData(f, smtp_state, tx, tx_id);
+        }
+    }
+
+    return NULL;
+}
+
+
  #endif
diff --git a/src/output-json-email-common.h b/src/output-json-email-common.h

index 618ba828ccb883c08bd95fec68de7187a88cec2c..4553e8572ce487637020d684b301059dfff833c1 100644 (file)
--- a/src/output-json-email-common.h
+++ b/src/output-json-email-common.h
@@ -30,13 +30,14 @@ typedef struct OutputJsonEmailCtx_ {
  } OutputJsonEmailCtx;
  
  
+#ifdef HAVE_LIBJANSSON
  typedef struct JsonEmailLogThread_ {
      OutputJsonEmailCtx *emaillog_ctx;
      MemBuffer *buffer;
  } JsonEmailLogThread;
  
-#ifdef HAVE_LIBJANSSON
  TmEcode JsonEmailLogJson(JsonEmailLogThread *aft, json_t *js, const Packet *p, Flow *f, void *state, void *vtx, uint64_t tx_id);
+json_t *JsonEmailAddMetadata(const Flow *f);
  #endif
  
  #endif /* __OUTPUT_JSON_EMAIL_COMMON_H__ */
author	Eric Leblond <eric@regit.org>
	Thu, 30 Apr 2015 12:45:52 +0000 (14:45 +0200)
committer	Eric Leblond <eric@regit.org>
	Fri, 2 Oct 2015 20:57:58 +0000 (22:57 +0200)
src/output-json-email-common.c		patch \| blob \| blame \| history
src/output-json-email-common.h		patch \| blob \| blame \| history