From: Victor Julien Date: Tue, 9 Oct 2018 11:34:17 +0000 (+0200) Subject: eve/json: move common settings into it's own struct X-Git-Tag: suricata-4.1.0-rc2~8 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=df1ec82b55546170ad77cbc97326e172e282e7a6;p=thirdparty%2Fsuricata.git eve/json: move common settings into it's own struct --- diff --git a/src/output-json-alert.c b/src/output-json-alert.c index 6a7aed45f0..081a9a1925 100644 --- a/src/output-json-alert.c +++ b/src/output-json-alert.c @@ -104,7 +104,7 @@ typedef struct AlertJsonOutputCtx_ { uint32_t payload_buffer_size; HttpXFFCfg *xff_cfg; HttpXFFCfg *parent_xff_cfg; - bool include_metadata; + OutputJsonCommonSettings cfg; } AlertJsonOutputCtx; typedef struct JsonAlertLogThread_ { @@ -424,7 +424,7 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p) if (unlikely(js == NULL)) return TM_ECODE_OK; - if (json_output_ctx->include_metadata) { + if (json_output_ctx->cfg.include_metadata) { JsonAddMetadata(p, p->flow, js); } @@ -980,7 +980,7 @@ static OutputInitResult JsonAlertLogInitCtxSub(ConfNode *conf, OutputCtx *parent memset(json_output_ctx, 0, sizeof(AlertJsonOutputCtx)); json_output_ctx->file_ctx = ajt->file_ctx; - json_output_ctx->include_metadata = ajt->include_metadata; + json_output_ctx->cfg = ajt->cfg; JsonAlertLogSetupMetadata(json_output_ctx, conf); json_output_ctx->xff_cfg = JsonAlertLogGetXffCfg(conf); diff --git a/src/output-json-dnp3.c b/src/output-json-dnp3.c index 0f2fdd3cde..6b415627e3 100644 --- a/src/output-json-dnp3.c +++ b/src/output-json-dnp3.c @@ -50,7 +50,7 @@ typedef struct LogDNP3FileCtx_ { LogFileCtx *file_ctx; uint32_t flags; uint8_t include_object_data; - bool include_metadata; + OutputJsonCommonSettings cfg; } LogDNP3FileCtx; typedef struct LogDNP3LogThread_ { @@ -316,7 +316,7 @@ static int JsonDNP3LoggerToServer(ThreadVars *tv, void *thread_data, if (unlikely(js == NULL)) { return TM_ECODE_OK; } - if (thread->dnp3log_ctx->include_metadata) { + if (thread->dnp3log_ctx->cfg.include_metadata) { JsonAddMetadata(p, f, js); } json_t *dnp3js = JsonDNP3LogRequest(tx); @@ -345,7 +345,7 @@ static int JsonDNP3LoggerToClient(ThreadVars *tv, void *thread_data, if (unlikely(js == NULL)) { return TM_ECODE_OK; } - if (thread->dnp3log_ctx->include_metadata) { + if (thread->dnp3log_ctx->cfg.include_metadata) { JsonAddMetadata(p, f, js); } json_t *dnp3js = JsonDNP3LogResponse(tx); @@ -379,7 +379,7 @@ static OutputInitResult OutputDNP3LogInitSub(ConfNode *conf, OutputCtx *parent_c return result; } dnp3log_ctx->file_ctx = json_ctx->file_ctx; - dnp3log_ctx->include_metadata = json_ctx->include_metadata; + dnp3log_ctx->cfg = json_ctx->cfg; OutputCtx *output_ctx = SCCalloc(1, sizeof(*output_ctx)); if (unlikely(output_ctx == NULL)) { diff --git a/src/output-json-dns.c b/src/output-json-dns.c index b79cc68ef3..507fb9325b 100644 --- a/src/output-json-dns.c +++ b/src/output-json-dns.c @@ -269,8 +269,8 @@ static struct { typedef struct LogDnsFileCtx_ { LogFileCtx *file_ctx; uint64_t flags; /** Store mode */ - bool include_metadata; DnsVersion version; + OutputJsonCommonSettings cfg; } LogDnsFileCtx; typedef struct LogDnsLogThread_ { @@ -1029,7 +1029,7 @@ static int JsonDnsLoggerToServer(ThreadVars *tv, void *thread_data, if (unlikely(js == NULL)) { return TM_ECODE_OK; } - if (dnslog_ctx->include_metadata) { + if (dnslog_ctx->cfg.include_metadata) { JsonAddMetadata(p, f, js); } json_t *dns = rs_dns_log_json_query(txptr, i, td->dnslog_ctx->flags); @@ -1078,7 +1078,7 @@ static int JsonDnsLoggerToClient(ThreadVars *tv, void *thread_data, if (unlikely(js == NULL)) return TM_ECODE_OK; - if (dnslog_ctx->include_metadata) { + if (dnslog_ctx->cfg.include_metadata) { JsonAddMetadata(p, f, js); } @@ -1308,7 +1308,7 @@ static OutputInitResult JsonDnsLogInitCtxSub(ConfNode *conf, OutputCtx *parent_c memset(dnslog_ctx, 0x00, sizeof(LogDnsFileCtx)); dnslog_ctx->file_ctx = ojc->file_ctx; - dnslog_ctx->include_metadata = ojc->include_metadata; + dnslog_ctx->cfg = ojc->cfg; OutputCtx *output_ctx = SCCalloc(1, sizeof(OutputCtx)); if (unlikely(output_ctx == NULL)) { diff --git a/src/output-json-drop.c b/src/output-json-drop.c index 653e82f50f..87382e9420 100644 --- a/src/output-json-drop.c +++ b/src/output-json-drop.c @@ -65,7 +65,7 @@ typedef struct JsonDropOutputCtx_ { LogFileCtx *file_ctx; uint8_t flags; - bool include_metadata; + OutputJsonCommonSettings cfg; } JsonDropOutputCtx; typedef struct JsonDropLogThread_ { @@ -93,7 +93,7 @@ static int DropLogJSON (JsonDropLogThread *aft, const Packet *p) if (unlikely(js == NULL)) return TM_ECODE_OK; - if (drop_ctx->include_metadata) { + if (drop_ctx->cfg.include_metadata) { JsonAddMetadata(p, p->flow, js); } @@ -357,7 +357,7 @@ static OutputInitResult JsonDropLogInitCtxSub(ConfNode *conf, OutputCtx *parent_ } drop_ctx->file_ctx = ajt->file_ctx; - drop_ctx->include_metadata = ajt->include_metadata; + drop_ctx->cfg = ajt->cfg; output_ctx->data = drop_ctx; output_ctx->DeInit = JsonDropLogDeInitCtxSub; diff --git a/src/output-json-email-common.h b/src/output-json-email-common.h index 304bab6dea..3f35a56f37 100644 --- a/src/output-json-email-common.h +++ b/src/output-json-email-common.h @@ -28,7 +28,7 @@ typedef struct OutputJsonEmailCtx_ { LogFileCtx *file_ctx; uint32_t flags; /** Store mode */ uint64_t fields;/** Store fields */ - bool include_metadata; + OutputJsonCommonSettings cfg; } OutputJsonEmailCtx; diff --git a/src/output-json-flow.c b/src/output-json-flow.c index f3672facab..7f28d0ef9b 100644 --- a/src/output-json-flow.c +++ b/src/output-json-flow.c @@ -54,7 +54,7 @@ typedef struct LogJsonFileCtx_ { LogFileCtx *file_ctx; uint32_t flags; /** Store mode */ - bool include_metadata; + OutputJsonCommonSettings cfg; } LogJsonFileCtx; typedef struct JsonFlowLogThread_ { @@ -277,7 +277,7 @@ static void JsonFlowLogJSON(JsonFlowLogThread *aft, json_t *js, Flow *f) json_object_set_new(js, "flow", hjs); - if (flow_ctx->include_metadata) { + if (flow_ctx->cfg.include_metadata) { JsonAddMetadata(NULL, f, js); } @@ -444,7 +444,7 @@ static OutputInitResult OutputFlowLogInitSub(ConfNode *conf, OutputCtx *parent_c } flow_ctx->file_ctx = ojc->file_ctx; - flow_ctx->include_metadata = ojc->include_metadata; + flow_ctx->cfg = ojc->cfg; output_ctx->data = flow_ctx; output_ctx->DeInit = OutputFlowLogDeinitSub; diff --git a/src/output-json-http.c b/src/output-json-http.c index ebb239b40c..6fa33a3232 100644 --- a/src/output-json-http.c +++ b/src/output-json-http.c @@ -59,9 +59,9 @@ typedef struct LogHttpFileCtx_ { LogFileCtx *file_ctx; uint32_t flags; /** Store mode */ uint64_t fields;/** Store fields */ - bool include_metadata; HttpXFFCfg *xff_cfg; HttpXFFCfg *parent_xff_cfg; + OutputJsonCommonSettings cfg; } LogHttpFileCtx; typedef struct JsonHttpLogThread_ { @@ -471,7 +471,7 @@ static int JsonHttpLogger(ThreadVars *tv, void *thread_data, const Packet *p, Fl if (unlikely(js == NULL)) return TM_ECODE_OK; - if (jhl->httplog_ctx->include_metadata) { + if (jhl->httplog_ctx->cfg.include_metadata) { JsonAddMetadata(p, f, js); } @@ -630,7 +630,7 @@ static OutputInitResult OutputHttpLogInitSub(ConfNode *conf, OutputCtx *parent_c http_ctx->file_ctx = ojc->file_ctx; http_ctx->flags = LOG_HTTP_DEFAULT; - http_ctx->include_metadata = ojc->include_metadata; + http_ctx->cfg = ojc->cfg; if (conf) { const char *extended = ConfNodeLookupChildValue(conf, "extended"); diff --git a/src/output-json-ikev2.c b/src/output-json-ikev2.c index 230797fc8a..dcce48681b 100644 --- a/src/output-json-ikev2.c +++ b/src/output-json-ikev2.c @@ -55,13 +55,11 @@ typedef struct LogIKEv2FileCtx_ { LogFileCtx *file_ctx; - uint32_t flags; - bool include_metadata; + OutputJsonCommonSettings cfg; } LogIKEv2FileCtx; typedef struct LogIKEv2LogThread_ { LogIKEv2FileCtx *ikev2log_ctx; - uint32_t count; MemBuffer *buffer; } LogIKEv2LogThread; @@ -77,7 +75,7 @@ static int JsonIKEv2Logger(ThreadVars *tv, void *thread_data, return TM_ECODE_FAILED; } - if (thread->ikev2log_ctx->include_metadata) { + if (thread->ikev2log_ctx->cfg.include_metadata) { JsonAddMetadata(p, f, js); } @@ -116,7 +114,7 @@ static OutputInitResult OutputIKEv2LogInitSub(ConfNode *conf, return result; } ikev2log_ctx->file_ctx = ajt->file_ctx; - ikev2log_ctx->include_metadata = ajt->include_metadata; + ikev2log_ctx->cfg = ajt->cfg; OutputCtx *output_ctx = SCCalloc(1, sizeof(*output_ctx)); if (unlikely(output_ctx == NULL)) { diff --git a/src/output-json-krb5.c b/src/output-json-krb5.c index 08ddb109bf..02424571d3 100644 --- a/src/output-json-krb5.c +++ b/src/output-json-krb5.c @@ -55,13 +55,11 @@ typedef struct LogKRB5FileCtx_ { LogFileCtx *file_ctx; - uint32_t flags; - bool include_metadata; + OutputJsonCommonSettings cfg; } LogKRB5FileCtx; typedef struct LogKRB5LogThread_ { LogKRB5FileCtx *krb5log_ctx; - uint32_t count; MemBuffer *buffer; } LogKRB5LogThread; @@ -77,7 +75,7 @@ static int JsonKRB5Logger(ThreadVars *tv, void *thread_data, return TM_ECODE_FAILED; } - if (thread->krb5log_ctx->include_metadata) { + if (thread->krb5log_ctx->cfg.include_metadata) { JsonAddMetadata(p, f, js); } @@ -116,7 +114,7 @@ static OutputInitResult OutputKRB5LogInitSub(ConfNode *conf, return result; } krb5log_ctx->file_ctx = ajt->file_ctx; - krb5log_ctx->include_metadata = ajt->include_metadata; + krb5log_ctx->cfg = ajt->cfg; OutputCtx *output_ctx = SCCalloc(1, sizeof(*output_ctx)); if (unlikely(output_ctx == NULL)) { diff --git a/src/output-json-netflow.c b/src/output-json-netflow.c index 7659a9679b..1437f70109 100644 --- a/src/output-json-netflow.c +++ b/src/output-json-netflow.c @@ -53,7 +53,7 @@ typedef struct LogJsonFileCtx_ { LogFileCtx *file_ctx; - bool include_metadata; + OutputJsonCommonSettings cfg; } LogJsonFileCtx; typedef struct JsonNetFlowLogThread_ { @@ -313,7 +313,7 @@ static int JsonNetFlowLogger(ThreadVars *tv, void *thread_data, Flow *f) if (unlikely(js == NULL)) return TM_ECODE_OK; JsonNetFlowLogJSONToServer(jhl, js, f); - if (netflow_ctx->include_metadata) { + if (netflow_ctx->cfg.include_metadata) { JsonAddMetadata(NULL, f, js); } OutputJSONBuffer(js, jhl->flowlog_ctx->file_ctx, &jhl->buffer); @@ -329,7 +329,7 @@ static int JsonNetFlowLogger(ThreadVars *tv, void *thread_data, Flow *f) if (unlikely(js == NULL)) return TM_ECODE_OK; JsonNetFlowLogJSONToClient(jhl, js, f); - if (netflow_ctx->include_metadata) { + if (netflow_ctx->cfg.include_metadata) { JsonAddMetadata(NULL, f, js); } OutputJSONBuffer(js, jhl->flowlog_ctx->file_ctx, &jhl->buffer); @@ -409,7 +409,7 @@ static OutputInitResult OutputNetFlowLogInitSub(ConfNode *conf, OutputCtx *paren } flow_ctx->file_ctx = ojc->file_ctx; - flow_ctx->include_metadata = ojc->include_metadata; + flow_ctx->cfg = ojc->cfg; output_ctx->data = flow_ctx; output_ctx->DeInit = OutputNetFlowLogDeinitSub; diff --git a/src/output-json-nfs.c b/src/output-json-nfs.c index 3983a954ff..67adfdc1b2 100644 --- a/src/output-json-nfs.c +++ b/src/output-json-nfs.c @@ -91,7 +91,7 @@ static int JsonNFSLogger(ThreadVars *tv, void *thread_data, return TM_ECODE_FAILED; } - if (thread->ctx->include_metadata) { + if (thread->ctx->cfg.include_metadata) { JsonAddMetadata(p, f, js); } diff --git a/src/output-json-smtp.c b/src/output-json-smtp.c index 451ed450dc..4bbfc93226 100644 --- a/src/output-json-smtp.c +++ b/src/output-json-smtp.c @@ -95,7 +95,7 @@ static int JsonSmtpLogger(ThreadVars *tv, void *thread_data, const Packet *p, Fl /* reset */ MemBufferReset(jhl->buffer); - if (jhl->emaillog_ctx->include_metadata) { + if (jhl->emaillog_ctx->cfg.include_metadata) { JsonAddMetadata(p, f, js); } @@ -210,7 +210,7 @@ static OutputInitResult OutputSmtpLogInitSub(ConfNode *conf, OutputCtx *parent_c } email_ctx->file_ctx = ojc->file_ctx; - email_ctx->include_metadata = ojc->include_metadata; + email_ctx->cfg = ojc->cfg; OutputEmailInitConf(conf, email_ctx); diff --git a/src/output-json-ssh.c b/src/output-json-ssh.c index 7563f42c1a..7ed4843713 100644 --- a/src/output-json-ssh.c +++ b/src/output-json-ssh.c @@ -56,8 +56,7 @@ typedef struct OutputSshCtx_ { LogFileCtx *file_ctx; - uint32_t flags; /** Store mode */ - bool include_metadata; + OutputJsonCommonSettings cfg; } OutputSshCtx; @@ -110,7 +109,7 @@ static int JsonSshLogger(ThreadVars *tv, void *thread_data, const Packet *p, if (unlikely(js == NULL)) return 0; - if (ssh_ctx->include_metadata) { + if (ssh_ctx->cfg.include_metadata) { JsonAddMetadata(p, f, js); } @@ -249,7 +248,7 @@ static OutputInitResult OutputSshLogInitSub(ConfNode *conf, OutputCtx *parent_ct } ssh_ctx->file_ctx = ojc->file_ctx; - ssh_ctx->include_metadata = ojc->include_metadata; + ssh_ctx->cfg = ojc->cfg; output_ctx->data = ssh_ctx; output_ctx->DeInit = OutputSshLogDeinitSub; diff --git a/src/output-json-tls.c b/src/output-json-tls.c index 68f87dcad8..1081034a2b 100644 --- a/src/output-json-tls.c +++ b/src/output-json-tls.c @@ -103,7 +103,7 @@ typedef struct OutputTlsCtx_ { LogFileCtx *file_ctx; uint32_t flags; /** Store mode */ uint64_t fields; /** Store fields */ - bool include_metadata; + OutputJsonCommonSettings cfg; } OutputTlsCtx; @@ -382,7 +382,7 @@ static int JsonTlsLogger(ThreadVars *tv, void *thread_data, const Packet *p, return 0; } - if (tls_ctx->include_metadata) { + if (tls_ctx->cfg.include_metadata) { JsonAddMetadata(p, f, js); } @@ -596,7 +596,7 @@ static OutputInitResult OutputTlsLogInitSub(ConfNode *conf, OutputCtx *parent_ct } tls_ctx->file_ctx = ojc->file_ctx; - tls_ctx->include_metadata = ojc->include_metadata; + tls_ctx->cfg = ojc->cfg; if ((tls_ctx->fields & LOG_TLS_FIELD_CERTIFICATE) && (tls_ctx->fields & LOG_TLS_FIELD_CHAIN)) { diff --git a/src/output-json.c b/src/output-json.c index 1e7704a314..d4bedf6db0 100644 --- a/src/output-json.c +++ b/src/output-json.c @@ -872,9 +872,9 @@ OutputInitResult OutputJsonInitCtx(ConfNode *conf) const ConfNode *metadata = ConfNodeLookupChild(conf, "metadata"); if (metadata && metadata->val && ConfValIsFalse(metadata->val)) { SCLogConfig("Disabling eve metadata logging."); - json_ctx->include_metadata = false; + json_ctx->cfg.include_metadata = false; } else { - json_ctx->include_metadata = true; + json_ctx->cfg.include_metadata = true; } /* Do we have a global eve xff configuration? */ diff --git a/src/output-json.h b/src/output-json.h index 586299d9c3..134bee88af 100644 --- a/src/output-json.h +++ b/src/output-json.h @@ -65,13 +65,17 @@ OutputInitResult OutputJsonLogInitSub(ConfNode *conf, OutputCtx *parent_ctx); TmEcode JsonLogThreadInit(ThreadVars *t, const void *initdata, void **data); TmEcode JsonLogThreadDeinit(ThreadVars *t, void *data); +typedef struct OutputJsonCommonSettings_ { + bool include_metadata; +} OutputJsonCommonSettings; + /* * Global configuration context data */ typedef struct OutputJsonCtx_ { LogFileCtx *file_ctx; enum LogFileType json_out; - bool include_metadata; + OutputJsonCommonSettings cfg; HttpXFFCfg *xff_cfg; } OutputJsonCtx;