diff --git a/src/output-json-smb.c b/src/output-json-smb.c index e31dcb8993..593a33a20a 100644 --- a/src/output-json-smb.c +++ b/src/output-json-smb.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2017 Open Information Security Foundation +/* Copyright (C) 2017-2018 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -50,17 +50,6 @@ #include "rust.h" #include "rust-smb-log-gen.h" -typedef struct LogSMBFileCtx_ { - LogFileCtx *file_ctx; - uint32_t flags; -} LogSMBFileCtx; - -typedef struct LogSMBLogThread_ { - LogSMBFileCtx *smblog_ctx; - uint32_t count; - MemBuffer *buffer; -} LogSMBLogThread; - json_t *JsonSMBAddMetadata(const Flow *f, uint64_t tx_id) { SMBState *state = FlowGetAppState(f); @@ -77,7 +66,7 @@ json_t *JsonSMBAddMetadata(const Flow *f, uint64_t tx_id) static int JsonSMBLogger(ThreadVars *tv, void *thread_data, const Packet *p, Flow *f, void *state, void *tx, uint64_t tx_id) { - LogSMBLogThread *thread = thread_data; + OutputJsonThreadCtx *thread = thread_data; json_t *js, *smbjs; js = CreateJSONHeader(p, LOG_DIR_FLOW, "smb"); @@ -92,7 +81,7 @@ static int JsonSMBLogger(ThreadVars *tv, void *thread_data, json_object_set_new(js, "smb", smbjs); MemBufferReset(thread->buffer); - OutputJSONBuffer(js, thread->smblog_ctx->file_ctx, &thread->buffer); + OutputJSONBuffer(js, thread->ctx->file_ctx, &thread->buffer); json_decref(js); return TM_ECODE_OK; @@ -102,90 +91,20 @@ error: return TM_ECODE_FAILED; } -static void OutputSMBLogDeInitCtxSub(OutputCtx *output_ctx) -{ - LogSMBFileCtx *smblog_ctx = (LogSMBFileCtx *)output_ctx->data; - SCFree(smblog_ctx); - SCFree(output_ctx); -} - -static OutputInitResult OutputSMBLogInitSub(ConfNode *conf, - OutputCtx *parent_ctx) +static OutputInitResult SMBLogInitSub(ConfNode *conf, OutputCtx *parent_ctx) { - OutputInitResult result = { NULL, false }; - OutputJsonCtx *ajt = parent_ctx->data; - - LogSMBFileCtx *smblog_ctx = SCCalloc(1, sizeof(*smblog_ctx)); - if (unlikely(smblog_ctx == NULL)) { - return result; - } - smblog_ctx->file_ctx = ajt->file_ctx; - - OutputCtx *output_ctx = SCCalloc(1, sizeof(*output_ctx)); - if (unlikely(output_ctx == NULL)) { - SCFree(smblog_ctx); - return result; - } - output_ctx->data = smblog_ctx; - output_ctx->DeInit = OutputSMBLogDeInitCtxSub; - - SCLogDebug("SMB log sub-module initialized."); - AppLayerParserRegisterLogger(IPPROTO_TCP, ALPROTO_SMB); AppLayerParserRegisterLogger(IPPROTO_UDP, ALPROTO_SMB); - - result.ctx = output_ctx; - result.ok = true; - return result; -} - -#define OUTPUT_BUFFER_SIZE 65535 - -static TmEcode JsonSMBLogThreadInit(ThreadVars *t, const void *initdata, void **data) -{ - LogSMBLogThread *thread = SCCalloc(1, sizeof(*thread)); - if (unlikely(thread == NULL)) { - return TM_ECODE_FAILED; - } - - if (initdata == NULL) { - SCLogDebug("Error getting context for EveLogSMB. \"initdata\" is NULL."); - SCFree(thread); - return TM_ECODE_FAILED; - } - - thread->buffer = MemBufferCreateNew(OUTPUT_BUFFER_SIZE); - if (unlikely(thread->buffer == NULL)) { - SCFree(thread); - return TM_ECODE_FAILED; - } - - thread->smblog_ctx = ((OutputCtx *)initdata)->data; - *data = (void *)thread; - - return TM_ECODE_OK; -} - -static TmEcode JsonSMBLogThreadDeinit(ThreadVars *t, void *data) -{ - LogSMBLogThread *thread = (LogSMBLogThread *)data; - if (thread == NULL) { - return TM_ECODE_OK; - } - if (thread->buffer != NULL) { - MemBufferFree(thread->buffer); - } - SCFree(thread); - return TM_ECODE_OK; + return OutputJsonLogInitSub(conf, parent_ctx); } void JsonSMBLogRegister(void) { /* Register as an eve sub-module. */ OutputRegisterTxSubModule(LOGGER_JSON_SMB, "eve-log", "JsonSMBLog", - "eve-log.smb", OutputSMBLogInitSub, ALPROTO_SMB, - JsonSMBLogger, JsonSMBLogThreadInit, - JsonSMBLogThreadDeinit, NULL); + "eve-log.smb", SMBLogInitSub, ALPROTO_SMB, + JsonSMBLogger, JsonLogThreadInit, + JsonLogThreadDeinit, NULL); SCLogDebug("SMB JSON logger registered."); }