From: Michael Altizer (mialtize) Date: Wed, 16 May 2018 19:53:05 +0000 (-0400) Subject: Merge pull request #1228 in SNORT/snort3 from move_json_usock to master X-Git-Tag: 3.0.0-245~10 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=adcabdb3751d98833a0fefa7c022e416d52ca6af;p=thirdparty%2Fsnort3.git Merge pull request #1228 in SNORT/snort3 from move_json_usock to master Squashed commit of the following: commit 5673495422fa4f6069b782fe7db46e186d98822d Author: Steven Baigal (sbaigal) Date: Wed May 16 14:48:55 2018 -0400 alert: moved alert json. unixsock out from extra to snort3
---
diff --git a/extra/src/loggers/CMakeLists.txt b/extra/src/loggers/CMakeLists.txt
index 5e0df5200..f76568ece 100644
--- a/extra/src/loggers/CMakeLists.txt
+++ b/extra/src/loggers/CMakeLists.txt
@@ -1,5 +1,3 @@
 add_subdirectory ( alert_ex )
-add_subdirectory ( alert_json )
 add_subdirectory ( alert_lua )
-add_subdirectory ( alert_unixsock )
 add_subdirectory ( log_null )
diff --git a/extra/src/loggers/alert_json/CMakeLists.txt b/extra/src/loggers/alert_json/CMakeLists.txt
deleted file mode 100644
index d690c6204..000000000
--- a/extra/src/loggers/alert_json/CMakeLists.txt
+++ /dev/null
@@ -1,43 +0,0 @@
-cmake_minimum_required ( VERSION 3.4.3 )
-project ( alert_json CXX )
-
-set (CMAKE_CXX_STANDARD 11)
-set (CMAKE_CXX_STANDARD_REQUIRED ON)
-set (CMAKE_CXX_EXTENSIONS OFF)
-
-if ( APPLE )
- set ( CMAKE_MACOSX_RPATH OFF )
-endif ( APPLE )
-
-include ( FindPkgConfig )
-pkg_search_module ( SNORT3 REQUIRED snort>=3 )
-
-add_library (
- alert_json MODULE
- alert_json.cc
-)
-
-if ( APPLE )
- set_target_properties (
- alert_json
- PROPERTIES
- LINK_FLAGS "-undefined dynamic_lookup"
- )
-endif ( APPLE )
-
-set_target_properties (
- alert_json
- PROPERTIES
- PREFIX ""
-)
-
-target_include_directories (
- alert_json PUBLIC
- ${SNORT3_INCLUDE_DIRS}
-)
-
-install (
- TARGETS alert_json
- LIBRARY
- DESTINATION "${CMAKE_INSTALL_LIBDIR}/${CMAKE_PROJECT_NAME}/loggers"
-)
diff --git a/extra/src/loggers/alert_unixsock/CMakeLists.txt b/extra/src/loggers/alert_unixsock/CMakeLists.txt
deleted file mode 100644
index 8b70cfecc..000000000
--- a/extra/src/loggers/alert_unixsock/CMakeLists.txt
+++ /dev/null
@@ -1,43 +0,0 @@
-cmake_minimum_required ( VERSION 3.4.3 )
-project ( alert_unixsock CXX )
-
-set (CMAKE_CXX_STANDARD 11)
-set (CMAKE_CXX_STANDARD_REQUIRED ON)
-set (CMAKE_CXX_EXTENSIONS OFF)
-
-if ( APPLE )
- set ( CMAKE_MACOSX_RPATH OFF )
-endif ( APPLE )
-
-include ( FindPkgConfig )
-pkg_search_module ( SNORT3 REQUIRED snort>=3 )
-
-add_library (
- alert_unixsock MODULE
- alert_unixsock.cc
-)
-
-if ( APPLE )
- set_target_properties (
- alert_unixsock
- PROPERTIES
- LINK_FLAGS "-undefined dynamic_lookup"
- )
-endif ( APPLE )
-
-set_target_properties (
- alert_unixsock
- PROPERTIES
- PREFIX ""
-)
-
-target_include_directories (
- alert_unixsock PUBLIC
- ${SNORT3_INCLUDE_DIRS}
-)
-
-install (
- TARGETS alert_unixsock
- LIBRARY
- DESTINATION "${CMAKE_INSTALL_LIBDIR}/${CMAKE_PROJECT_NAME}/loggers"
-)
diff --git a/src/loggers/CMakeLists.txt b/src/loggers/CMakeLists.txt
index 31adde14d..d0feabd8b 100644
--- a/src/loggers/CMakeLists.txt
+++ b/src/loggers/CMakeLists.txt
@@ -11,7 +11,9 @@ set (PLUGIN_LIST
 alert_csv.cc
 alert_fast.cc
 alert_full.cc
+ alert_json.cc
 alert_syslog.cc
+ alert_unixsock.cc
 log_hext.cc
 log_pcap.cc
 unified2.cc
@@ -33,7 +35,9 @@ else (STATIC_LOGGERS)
 add_dynamic_module(alert_csv loggers alert_csv.cc)
 add_dynamic_module(alert_fast loggers alert_fast.cc)
 add_dynamic_module(alert_full loggers alert_full.cc)
+ add_dynamic_module(alert_json loggers alert_json.cc)
 add_dynamic_module(alert_syslog loggers alert_syslog.cc)
+ add_dynamic_module(alert_unixsock loggers alert_unixsock.cc)
 add_dynamic_module(log_hext loggers log_hext.cc)
 add_dynamic_module(log_pcap loggers log_pcap.cc)
 add_dynamic_module(unified2 loggers unified2.cc)
diff --git a/extra/src/loggers/alert_json/alert_json.cc b/src/loggers/alert_json.cc similarity index 99% rename from extra/src/loggers/alert_json/alert_json.cc rename to src/loggers/alert_json.cc index c639c92f2..2eb262087 100644 --- a/extra/src/loggers/alert_json/alert_json.cc +++ b/src/loggers/alert_json.cc @@ -799,7 +799,11 @@ static LogApi json_api json_dtor }; +#ifdef BUILDING_SO SO_PUBLIC const BaseApi* snort_plugins[] = +#else +const BaseApi* alert_json[] = +#endif { &json_api.base, nullptr diff --git a/extra/src/loggers/alert_unixsock/alert_unixsock.cc b/src/loggers/alert_unixsock.cc similarity index 92% rename from extra/src/loggers/alert_unixsock/alert_unixsock.cc rename to src/loggers/alert_unixsock.cc index 092c16148..faacbf957 100644 --- a/extra/src/loggers/alert_unixsock/alert_unixsock.cc +++ b/src/loggers/alert_unixsock.cc @@ -18,6 +18,9 @@ // with this program; if not, write to the Free Software Foundation, Inc., // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. //-------------------------------------------------------------------------- +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif #include @@ -130,7 +133,10 @@ static void get_alert_pkt( if (p && p->pkt) { - memmove( (void*)&us.alert.pkth, (const void*)p->pkth, sizeof(us.alert.pkth)); + us.alert.pkth.ts.tv_sec = (uint32_t)p->pkth->ts.tv_sec; + us.alert.pkth.ts.tv_usec = (uint32_t)p->pkth->ts.tv_usec; + us.alert.pkth.caplen = p->pkth->caplen; + us.alert.pkth.len = p->pkth->pktlen; memmove(us.alert.pkt, (const void*)p->pkt, us.alert.pkth.caplen); } else 
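Review bot: In the `@@ -130,7 +133,10 @@` hunk of src/loggers/alert_unixsock.cc, the newly assigned `us.alert.pkth.caplen` is used directly as the byte count of the `memmove` into `us.alert.pkt` on the following line, and nothing visible in the hunk bounds it by the size of that destination. The declaration of `us.alert.pkt` is outside the hunk, so the snap length may already guarantee the fit, but clamping at the assignment would make the copy safe on its own, e.g. `us.alert.pkth.caplen = std::min<uint32_t>(p->pkth->caplen, sizeof(us.alert.pkt));` (assuming `pkt` is a fixed-size array; this needs `<algorithm>`). The guard tests `p->pkt` but not `p->pkth`, which the four new field reads dereference. The `(uint32_t)` casts on `tv_sec` and `tv_usec` narrow the timestamp silently, so a one-line comment such as `// wire header keeps 32-bit timestamps; wider values are truncated` would explain the intent. `get_alert_pkt` begins and ends outside the hunk.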
@@ -155,9 +161,12 @@ static void get_alert_pkt( } /* we don't log any headers besides eth yet */ - if (p->ptrs.ip_api.is_ip4() && p->pkt) + if (p->ptrs.ip_api.is_ip() && p->pkt) { - us.alert.nethdr=(const char*)p->ptrs.ip_api.get_ip4h()-(const char*)p->pkt; + if (p->ptrs.ip_api.is_ip4()) + us.alert.nethdr=(const char*)p->ptrs.ip_api.get_ip4h()-(const char*)p->pkt; + else + us.alert.nethdr=(const char*)p->ptrs.ip_api.get_ip6h()-(const char*)p->pkt; switch (p->type()) { @@ -286,7 +295,11 @@ static LogApi unix_sock_api unix_sock_dtor }; +#ifdef BUILDING_SO SO_PUBLIC const BaseApi* snort_plugins[] = +#else +const BaseApi* alert_unixsock[] = +#endif { &unix_sock_api.base, nullptr diff --git a/src/loggers/loggers.cc b/src/loggers/loggers.cc index a965a075a..56b18f671 100644 --- a/src/loggers/loggers.cc +++ b/src/loggers/loggers.cc @@ -36,7 +36,9 @@ extern const BaseApi* alert_sf_socket[]; extern const BaseApi* alert_csv[]; extern const BaseApi* alert_fast[]; extern const BaseApi* alert_full[]; +extern const BaseApi* alert_json[]; extern const BaseApi* alert_syslog[]; +extern const BaseApi* alert_unixsock[]; extern const BaseApi* log_hext[]; extern const BaseApi* log_pcap[]; extern const BaseApi* eh_unified2[]; @@ -53,7 +55,9 @@ void load_loggers() PluginManager::load_plugins(alert_csv); PluginManager::load_plugins(alert_fast); PluginManager::load_plugins(alert_full); + PluginManager::load_plugins(alert_json); PluginManager::load_plugins(alert_syslog); + PluginManager::load_plugins(alert_unixsock); // loggers PluginManager::load_plugins(log_hext);
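Review bot: In the `@@ -155,9 +161,12 @@` hunk, `us.alert.nethdr` can now hold the offset of an IPv6 header, but nothing shown in the record tells a receiver which IP version that offset points at, and the comment above the condition still reads as if only the Ethernet header were logged. A consumer of the socket that interprets the bytes at `nethdr` as an IPv4 header would misparse IPv6 packets, so I would document the change at the assignment, e.g. `// nethdr: offset of the IP header (v4 or v6) from pkt; readers must check the version nibble`. Whether the `switch (p->type())` that follows derives the transport offset correctly for IPv6 cannot be judged here, because its body lies outside the hunk.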