From: Victor Julien Date: Thu, 30 Jan 2014 12:49:42 +0000 (+0100) Subject: output: check for multiple instances of drop and tls X-Git-Tag: suricata-2.0rc1~67 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=99504274668fd5b066e6c6007c1cc510bb2701c8;p=thirdparty%2Fsuricata.git output: check for multiple instances of drop and tls Both the drop and tls logs are currently not designed to have multiple instances running. So until that is changed, error out if more than one instance is started. --- diff --git a/src/log-droplog.c b/src/log-droplog.c index 086608318b..740b06cb2a 100644 --- a/src/log-droplog.c +++ b/src/log-droplog.c @@ -136,6 +136,12 @@ static void LogDropLogDeInitCtx(OutputCtx *output_ctx) */ static OutputCtx *LogDropLogInitCtx(ConfNode *conf) { + if (OutputDropLoggerEnable() != 0) { + SCLogError(SC_ERR_CONF_YAML_ERROR, "only one 'drop' logger " + "can be enabled"); + return NULL; + } + LogFileCtx *logfile_ctx = LogFileNewCtx(); if (logfile_ctx == NULL) { SCLogDebug("LogDropLogInitCtx: Could not create new LogFileCtx"); diff --git a/src/log-tlslog.c b/src/log-tlslog.c index fa90a14a9c..a95a0d5b2f 100644 --- a/src/log-tlslog.c +++ b/src/log-tlslog.c @@ -401,6 +401,12 @@ static void LogTlsLogExitPrintStats(ThreadVars *tv, void *data) * */ static OutputCtx *LogTlsLogInitCtx(ConfNode *conf) { + if (OutputTlsLoggerEnable() != 0) { + SCLogError(SC_ERR_CONF_YAML_ERROR, "only one 'tls' logger " + "can be enabled"); + return NULL; + } + LogFileCtx* file_ctx = LogFileNewCtx(); if (file_ctx == NULL) { diff --git a/src/output-json-drop.c b/src/output-json-drop.c index e8a93bc7aa..ef00f6e30e 100644 --- a/src/output-json-drop.c +++ b/src/output-json-drop.c @@ -194,6 +194,12 @@ static void JsonDropLogDeInitCtx(OutputCtx *output_ctx) #define DEFAULT_LOG_FILENAME "drop.json" static OutputCtx *JsonDropLogInitCtx(ConfNode *conf) { + if (OutputDropLoggerEnable() != 0) { + SCLogError(SC_ERR_CONF_YAML_ERROR, "only one 'drop' logger " + "can be enabled"); + return NULL; + } + LogFileCtx *logfile_ctx = LogFileNewCtx(); if (logfile_ctx == NULL) { return NULL; @@ -216,6 +222,12 @@ static OutputCtx *JsonDropLogInitCtx(ConfNode *conf) static OutputCtx *JsonDropLogInitCtxSub(ConfNode *conf, OutputCtx *parent_ctx) { + if (OutputDropLoggerEnable() != 0) { + SCLogError(SC_ERR_CONF_YAML_ERROR, "only one 'drop' logger " + "can be enabled"); + return NULL; + } + AlertJsonThread *ajt = parent_ctx->data; OutputCtx *output_ctx = SCCalloc(1, sizeof(OutputCtx)); diff --git a/src/output-tlslog.c b/src/output-tlslog.c index 0fe95fb162..016f6df593 100644 --- a/src/output-tlslog.c +++ b/src/output-tlslog.c @@ -217,6 +217,12 @@ static TmEcode JsonTlsLogThreadDeinit(ThreadVars *t, void *data) #define DEFAULT_LOG_FILENAME "tls.json" OutputCtx *OutputTlsLogInit(ConfNode *conf) { + if (OutputTlsLoggerEnable() != 0) { + SCLogError(SC_ERR_CONF_YAML_ERROR, "only one 'tls' logger " + "can be enabled"); + return NULL; + } + LogFileCtx *file_ctx = LogFileNewCtx(); if(file_ctx == NULL) { SCLogError(SC_ERR_HTTP_LOG_GENERIC, "couldn't create new file_ctx"); @@ -258,6 +264,12 @@ OutputCtx *OutputTlsLogInitSub(ConfNode *conf, OutputCtx *parent_ctx) { AlertJsonThread *ajt = parent_ctx->data; + if (OutputTlsLoggerEnable() != 0) { + SCLogError(SC_ERR_CONF_YAML_ERROR, "only one 'tls' logger " + "can be enabled"); + return NULL; + } + OutputTlsCtx *tls_ctx = SCMalloc(sizeof(OutputTlsCtx)); if (unlikely(tls_ctx == NULL)) return NULL; diff --git a/src/output.c b/src/output.c index 043e37d80a..b6960d75e0 100644 --- a/src/output.c +++ b/src/output.c @@ -374,3 +374,22 @@ OutputDeregisterAll(void) SCFree(module); } } + +static int drop_loggers = 0; + +int OutputDropLoggerEnable(void) { + if (drop_loggers) + return -1; + drop_loggers++; + return 0; +} + +static int tls_loggers = 0; + +int OutputTlsLoggerEnable(void) { + if (tls_loggers) + return -1; + tls_loggers++; + return 0; +} + diff --git a/src/output.h b/src/output.h index e0f2f6794a..d87178135c 100644 --- a/src/output.h +++ b/src/output.h @@ -83,4 +83,7 @@ void OutputRegisterFiledataSubModule(const char *parent_name, const char *name, OutputModule *OutputGetModuleByConfName(const char *name); void OutputDeregisterAll(void); +int OutputDropLoggerEnable(void); +int OutputTlsLoggerEnable(void); + #endif /* ! __OUTPUT_H__ */